MS08-003: Vulnerability in Active Directory Could Allow Denial of Service (946538)

Medium Nessus Plugin ID 31037


It is possible to crash Active Directory on the remote host.


The remote version of Active Directory contains a flaw in the LDAP request handler code that allows an attacker to crash the remote Active Directory server.


Microsoft has released a set of patches for Windows 2000, Windows XP, and Windows 2003.

See Also

Plugin Details

Severity: Medium

ID: 31037

File Name: smb_nt_ms08-003.nasl

Version: $Revision: 1.26 $

Type: local

Agent: windows

Published: 2008/02/12

Modified: 2017/08/10

Dependencies: 13855, 57033

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/02/12

Vulnerability Publication Date: 2008/02/12

Reference Information

CVE: CVE-2008-0088

BID: 27638

OSVDB: 41461

MSFT: MS08-003

MSKB: 931374, 943484

CWE: 20