MS09-069: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)

Medium Nessus Plugin ID 43061


The remote Windows host has a denial of service vulnerability.


The version of LSASS running on the remote host improperly handles specially crafted ISAKMP messages communicated through IPsec, causing the system to consume excessive amounts of CPU resources. A remote, authenticated attacker could exploit this to cause a denial of service.


Microsoft has released a set of patches for Windows 2000, XP, and 2003.

Plugin Details

Severity: Medium

ID: 43061

File Name: smb_nt_ms09-069.nasl

Version: $Revision: 1.17 $

Type: local

Agent: windows

Published: 2009/12/08

Modified: 2017/08/09

Dependencies: 13855, 57033

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2009/12/08

Vulnerability Publication Date: 2009/12/08

Reference Information

CVE: CVE-2009-3675

BID: 37218

OSVDB: 60831

MSFT: MS09-069

MSKB: 974392

IAVB: 2009-B-0064

CWE: 399