CVE-2008-1445

Published: Jun 12, 2008Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

Active Directory on Microsoft Windows 2000 Server SP4, XP Professional SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to cause a denial of service (system hang or reboot) via a crafted LDAP request.

Affected (10)

Products: Microsoft: Windows Nt, Windows 2003 Server, Windows Xp

3 products

Windows 2003 Server

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows Nt	Version 2008
Microsoft Windows Nt	Version 2008
Microsoft Windows Nt	Version xp sp3
Microsoft Windows 2003 Server	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows Xp	All versions

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (18)

http://secunia.com/advisories/30586

Source: secure@microsoft.com

Permissions RequiredVendor Advisory

http://securitytracker.com/id?1020229

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/archive/1/493338/100/0/threaded

Source: secure@microsoft.com

http://www.securityfocus.com/archive/1/493342/100/0/threaded

Source: secure@microsoft.com

http://www.securityfocus.com/bid/29584

Source: secure@microsoft.com

Patch

http://www.us-cert.gov/cas/techalerts/TA08-162B.html

Source: secure@microsoft.com

Third Party AdvisoryUS Government Resource

http://www.vupen.com/english/advisories/2008/1782

Source: secure@microsoft.com

Broken Link

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-035

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4910

Source: secure@microsoft.com

http://secunia.com/advisories/30586

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredVendor Advisory

http://securitytracker.com/id?1020229

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/archive/1/493338/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/493342/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/29584

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.us-cert.gov/cas/techalerts/TA08-162B.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

http://www.vupen.com/english/advisories/2008/1782

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-035

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4910

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.