MS08-060: Microsoft Windows Active Directory LDAP(S) Request Handling Remote Overflow (957280)

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.

Synopsis :

It is possible to execute arbitrary code through Active Directory on
the remote host.

Description :

The remote version of Active Directory contains a vulnerability when
processing LDAP requests. An attacker can exploit this flaw to execute
arbitrary code on the remote Active Directory server.

See also :

Solution :

Microsoft has released a set of patches for Windows 2000.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 34405 ()

Bugtraq ID: 31609

CVE ID: CVE-2008-4023