CVE-2007-3028 Information

Description

The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check \the number of convertible attributes\ which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP request related to \client sent LDAP request logic\ aka \Windows Active Directory Denial of Service Vulnerability. NOTE: this is probably a different issue than CVE-2007-0040.

Reference

http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html http://secunia.com/advisories/26002 http://www.kb.cert.org/vuls/id/348953 http://www.securityfocus.com/bid/24796 http://www.securitytracker.com/id?1018355 http://www.us-cert.gov/cas/techalerts/TA07-191A.html http://www.vupen.com/english/advisories/2007/2481 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-039 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1856