--%> SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)
[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Active Directory Invalid Free Vulnerability - MS09-018

ID: oval:org.secpod.oval:def:2611Date: (C)2011-10-27   (M)2017-10-04
Class: PATCHFamily: windows




The host is missing critical security update according to Microsoft security bulletin, MS09-018. The update is required to fix remote code execution vulnerability. A flaw is present in LDAP service in Active Directory, which does not properly free memory and allow memory leak for LDAP and LDAPS requests, which results in consumption of memory or remote arbitrary code execution. Successful exploitation could result in a denial of service condition.

Platform:
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2003
Product:
Active Directory
Active Directory Application Mode
Reference:
MS09-018
CVE-2009-1138
CVE-2009-1139
CVE    2
CVE-2009-1139
CVE-2009-1138
CPE    9
cpe:/a:microsoft:active_directory
cpe:/a:microsoft:active_directory_application_mode
cpe:/o:microsoft:windows_xp::sp2:x86
cpe:/o:microsoft:windows_xp::sp3:x86
...
XCCDF    4
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
xccdf_com.secpod_benchmark_microsoft-windows-2000
xccdf_com.secpod_benchmark_microsoft-windows-xp
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2003
...

© 2013 SecPod Technologies