MS09-069

Executive Summary

Summary
Title	Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)

Informations
Name	MS09-069	First vendor Publication	2009-12-08
Vendor	Microsoft	Last vendor Modification	2009-12-08
Severity (Vendor)	Important	Revision	1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.9	Attack Complexity	Low
Cvss Expoit Score	8	Authentification	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.0 (December 8, 2009): Bulletin published.

Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow a denial of service if a remote, authenticated attacker, while communicating through Internet Protocol security (IPsec), sends a specially crafted ISAKMP message to the Local Security Authority Subsystem Service (LSASS) on an affected system.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/MS09-069

CWE : Common Weakness Enumeration

id	Name
CWE-399	Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6639

Oval ID:	oval:org.mitre.oval:def:6639
Title:	Local Security Authority Subsystem Service Resource Exhaustion Vulnerability
Description:	LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka "Local Security Authority Subsystem Service Resource Exhaustion Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-3675	Version:	1
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):
Definition Synopsis:
IF Microsoft Windows 2000 SP4 or later is installed AND the version of Oakley.dll is less than 5.0.2195.7343 OR Microsoft Windows XP (x86) SP2 is installed AND the version of Oakley.dll is less than 5.1.2600.3632 OR Microsoft Windows XP (x86) SP3 is installed AND the version of Oakley.dll is less than 5.1.2600.5886 OR IF Microsoft Windows XP x64 Edition SP2 is installed AND Microsoft Windows Server 2003 SP2 (x86) is installed AND Microsoft Windows Server 2003 SP2 (x64) is installed AND Microsoft Windows Server 2003 (ia64) SP2 is installed AND the version of Oakley.dll is less than 5.2.3790.4600

CPE : Common Platform Enumeration

Type	Description	Count
Os	Microsoft Windows 2000 cpe:/o:microsoft:windows_2000:sp4	1
Os	Microsoft Windows 2003 Server cpe:/o:microsoft:windows_2003_server:-:sp2:x64 cpe:/o:microsoft:windows_2003_server:-:sp2:itanium cpe:/o:microsoft:windows_2003_server::sp2	3
Os	Microsoft Windows Xp cpe:/o:microsoft:windows_xp:sp2 cpe:/o:microsoft:windows_xp::sp2:x64 cpe:/o:microsoft:windows_xp::sp3	3