Oval Definition:oval:org.mitre.oval:def:2012
Revision Date:2007-08-20Version:43
Title:Windows Active Directory Remote Code Execution Vulnerability
Description:The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4, Server 2003 SP1 and SP2, Server 2003 x64 Edition and SP2, and Server 2003 for Itanium-based Systems SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted LDAP request with an unspecified number of "convertible attributes."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-0040
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Product(s):
Definition Synopsis
  • Windows 2000 SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND ntdsa.dll version is less than 5.0.2195.7135
  • OR Windows 2003 SP1
  • Microsoft Windows Server 2003 SP1 (x86) is installed
  • AND ntdsa.dll version is less than 5.2.3790.2926
  • OR Windows 2003 SP2
  • Microsoft Windows Server 2003 SP2 (x86) is installed
  • AND ntdsa.dll version is less than 5.2.3790.4070
  • OR Windows 2003 x64
  • Microsoft Windows Server 2003 (x64) is installed
  • AND ntdsa.dll version is less than 5.2.3790.2926
  • OR Windows 2003 SP2 x64
  • Microsoft Windows Server 2003 SP2 (x64) is installed
  • AND ntdsa.dll version is less than 5.2.3790.4070
    • BACK