SERVER-OTHER Microsoft LDAP MaxBuffSize buffer overflow attempt
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller, aka "LDAP Elevation of Privilege Vulnerability."
CVSS base score 8.1
CVSS impact score 5.9
CVSS exploitability score 2.2
- microsoft windows_10 *
- microsoft windows_10 1511
- microsoft windows_10 1607
- microsoft windows_10 1703
- microsoft windows_7 -
- microsoft windows_8.1 *
- microsoft windowsrt8.1 -
- microsoft windowsserver2008 *
- microsoft windowsserver2008 r2
- microsoft windowsserver2012 *
- microsoft windowsserver2012 r2
- microsoft windowsserver2016 *
- microsoft windows_vista -
Ease of attack
Upgrade to the latest non-affected version of the software.
Apply the appropriate vendor supplied patches.
- Talos research team.
- This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
- For more information see nvd.