Executive Summary

Summary
Title Vulnerability in Active Directory Could Allow Remote Code Execution (957280)
Informations
Name MS08-060 First vendor Publication 2008-10-14
Vendor Microsoft Last vendor Modification 2008-10-15
Severity (Vendor) Critical Revision 1.1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.1 (October 15, 2008): Updated the Non-Affected Software table.Summary: This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server. The vulnerability could allow remote code execution if an attacker gains access to an affected network. This vulnerability only affects Microsoft Windows 2000 servers configured to be domain controllers. If a Microsoft Windows 2000 server has not been promoted to a domain controller, it will not be listening to Lightweight Directory Access Protocol (LDAP) or LDAP over SSL (LDAPS) queries, and will not be exposed to this vulnerability.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS08-060.mspx

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6107
 
Oval ID: oval:org.mitre.oval:def:6107
Title: Active Directory Overflow Vulnerability
Description: Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-4023
Version: 1
Platform(s): Microsoft Windows 2000
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 1

OpenVAS Exploits

Date Description
2008-10-15 Name : Active Directory Could Allow Remote Code Execution Vulnerability (957280)
File : nvt/secpod_ms08-060_900050.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
49058 Microsoft Windows Active Directory LDAP(S) Request Handling Remote Overflow

Snort® IPS/IDS

Date Description
2014-01-10 Active Directory malformed baseObject denial of service attempt
RuleID : 14646 - Revision : 8 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date Description
2008-10-15 Name : It is possible to execute arbitrary code through Active Directory on the remo...
File : smb_nt_ms08-060.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-02-17 11:46:05
  • Multiple Updates
2014-01-19 21:30:15
  • Multiple Updates
2013-05-11 00:49:23
  • Multiple Updates