[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111604

 
 

909

 
 

87185

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Active Directory Invalid Free Vulnerability - MS09-018

ID: oval:org.secpod.oval:def:2611Date: (C)2011-10-27   (M)2018-05-27
Class: PATCHFamily: windows




The host is missing critical security update according to Microsoft security bulletin, MS09-018. The update is required to fix remote code execution vulnerability. A flaw is present in LDAP service in Active Directory, which does not properly free memory and allow memory leak for LDAP and LDAPS requests, which results in consumption of memory or remote arbitrary code execution. Successful exploitation could result in a denial of service condition.

Platform:
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2003
Product:
Active Directory
Active Directory Application Mode
Reference:
MS09-018
CVE-2009-1138
CVE-2009-1139
CVE    2
CVE-2009-1139
CVE-2009-1138
CPE    9
cpe:/o:microsoft:windows_xp::sp3:x86
cpe:/o:microsoft:windows_xp::sp2:x86
cpe:/o:microsoft:windows_2003_server::sp2:x64
cpe:/o:microsoft:windows_2000::sp4
...
XCCDF    4
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
xccdf_com.secpod_benchmark_microsoft-windows-2000
xccdf_com.secpod_benchmark_microsoft-windows-xp
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2003
...

© SecPod Technologies