MS13-079 Vulnerability in Active Directory Could Allow Denial of Service
2013-09-10 This security update resolves a privately reported vulnerability in Active Directory. The vulnerability could allow denial of service if an attacker sends a specially crafted query to the Lightweight Directory Access Protocol (LDAP) service.
Vulnerabilities addressed in this bulletin:
Bulletin details at Microsoft.com
Vulnerabilities addressed in this bulletin:
- Remote Anonymous DoS Vulnerability
- A denial of service vulnerability exists in implementations of Active Directory Services and AD LDS that could cause the LDAP directory service to stop responding until an administrator restarts the service. The vulnerability is caused when the LDAP directory service fails to handle a specially crafted query..
CVE-2013-3868
Bulletin details at Microsoft.com
Related CVE Entries
Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP directory-service outage) via a crafted LDAP query, aka "Remote Anonymous DoS Vulnerability."
Max CVSS
5.0
EPSS Score
16.67%
Published
2013-09-11
Updated
2023-12-07