CVE-2009-1138

NONECVSS 0.0

0.0

The LDAP service in Active Directory on Microsoft Windows 2000 SP4 does not properly free memory for LDAP and LDAPS requests, which allows remote attackers to execute arbitrary code via a request that uses hexadecimal encoding, whose associated memory is not released, related to a "DN AttributeValue," aka "Active Directory Invalid Free Vulnerability." NOTE: this issue is probably a memory leak.

🔗 References (20)

secure@microsofthttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=804
secure@microsofthttp://osvdb.org/54937
secure@microsofthttp://secunia.com/advisories/35355
secure@microsofthttp://support.avaya.com/elmodocs2/security/ASA-2009-214.htm
secure@microsofthttp://www.securityfocus.com/bid/35226
secure@microsofthttp://www.securitytracker.com/id?1022349
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA09-160A.html
secure@microsofthttp://www.vupen.com/english/advisories/2009/1537
secure@microsofthttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-018
secure@microsofthttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6180
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=804
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/54937
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35355
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2009-214.htm
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35226

Is Your Infrastructure Affected by CVE-2009-1138?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-1138

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-1138?