Microsoft Windows Active Directory LDAP Request Validation Remote Code Execution Vulnerability

Bugtraq ID: 24800
Class: Input Validation Error
CVE: CVE-2007-0040
Remote: Yes
Local: No
Published: Jul 10 2007 12:00AM
Updated: Jul 13 2007 03:27PM
Credit: Neel Mehta of IBM Internet Security Systems X-force is credited with the discovery of this vulnerability.
Vulnerable: Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 x64 SP1
Microsoft Windows Server 2003 Itanium SP2
Microsoft Windows Server 2003 Itanium SP1
Microsoft Windows Server 2003 Itanium 0
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows 2000 Server SP4
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server
+ Avaya DefinityOne Media Servers
+ Avaya IP600 Media Servers
+ Avaya S3400 Message Application Server 0
 + Avaya S8100 Media Servers 0
 Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server MM 1.1
Avaya Messaging Application Server 0
Avaya Customer Interaction Express (CIE) User Interface 1.0.2
Avaya Customer Interaction Express (CIE) User Interface 1.0
Avaya Customer Interaction Express (CIE) Server 1.0
Avaya CIE 1.0.2
Avaya CIE 1.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus