Test ID:	1.3.6.1.4.1.25623.1.0.901048
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows Active Directory Denial of Service Vulnerability (973309)
Summary:	This host is missing a critical security update according to; Microsoft Bulletin MS09-066.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-066. Vulnerability Insight: This issue is caused by an error in implementations of Active Directory Application Mode (ADAM) and Active Directory Lightweight Directory Service (AD LDS) when processing malformed LDAP or LDAPS requests. Vulnerability Impact: Successful exploitation will let the attacker crash the server which may result in Denial of Service. Affected Software/OS: - Microsoft Windows 2K Service Pack 4 and prior - Microsoft Windows XP Service Pack 3 and prior - Microsoft Windows 2K3 Service Pack 2 and prior - Microsoft Windows 2008 server Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1928 Cert/CC Advisory: TA09-314A http://www.us-cert.gov/cas/techalerts/TA09-314A.html Microsoft Security Bulletin: MS09-066 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5890
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.