CVE-2007-3028

CVE-2007-3028 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP request, related to "client sent LDAP request logic," aka "Windows Active Directory Denial of Service Vulnerability". NOTE: this is probably a different issue than CVE-2007-0040.

Learn more about our Cis Benchmark Audit For Server Software.