Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-182: Vulnerability in Active Directory

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-182: Vulnerability in Active Directory
# 1  
Old 02-13-2008
S-182: Vulnerability in Active Directory
A denial of service vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 and Windows Server 2003. The risk is LOW. The vulnerability also exists in implementations of Active Directory Application Mode (ADAM) when installed on Windows XP and Windows Server 2003. The vulnerability is due to improper validation of specially crafted LDAP requests. An attacker who successfully exploited this vulnerability could cause the computer to stop responding and automatically restart.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Active Directory OR LDAP

Hi, How can we check users added through LDAP or AD. Users added through a group of AD or LDAP group. (2 Replies)
Discussion started by: Nishit
2 Replies

2. UNIX for Advanced & Expert Users

Active Directory with 6.1

Is there anyone who is utilizing Active Directory (2008R2) for AIX user account management? If yes or if AD is possible with AIX systems, can you please share what to be done to get there? Please advise. (1 Reply)
Discussion started by: Daniel Gate
1 Replies

3. Solaris

active directory equivalent for unix

At the moment we are integrating LDAP in our environment. Compared to Windows this process is much complicated and time consuming. With Windows you had Active Directory and if you create a new server, you just add it to the domain and your finished. Yes, I know Unix is not Windows. Are there... (1 Reply)
Discussion started by: misterx12345
1 Replies

4. Red Hat

ldap and active directory

Hi Friends, I need your help to get some solution of one of my problem. Ours is a mixed domain. Most of the servers are windows and very little linux servers. We are using the MS AD for authentication. My problem is, I want to authenticate linux servers against AD. I donot want to use any... (1 Reply)
Discussion started by: arumon
1 Replies

5. HP-UX

HP-UX authenticating to Active Directory

Hey, I've asked questions about this project here before and gotten lots of help so I figured I'd give it another try. I've recently set up my HP-UX environment to authenticate to a Windows Active Directory server (Windows Server 2003 R2). I setup an account on Active Directory which works... (2 Replies)
Discussion started by: Rike255
2 Replies

6. UNIX for Dummies Questions & Answers

setup active directory

i would like to ask about unix with active directory..actually my situation is at ny place there already have dns server in unix based,i want to implement an active directory to the network..from what i read about active directory we have to used bind dns...some say that bind could not handle in... (1 Reply)
Discussion started by: nour
1 Replies

7. UNIX for Dummies Questions & Answers

Active Directory and UNIX

Hello - I have a very vague question, which will probably result in vague answers because I don't have a lot of detailed information and I don't know a whole lot about active directory. Our Windows/NT admin has been rolling out Active Directory over the past several weeks and as time goes on,... (1 Reply)
Discussion started by: rm -r *
1 Replies

8. Windows & DOS: Issues & Discussions

unix and active directory

Hi Does anybody know the steps and requirements of the installation process of Windows Active Directory using Unix/Linux Bind DNS. I will appreciate if somebody gives the answer. (1 Reply)
Discussion started by: Darwin Rodrigue
1 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

rats

RATS(1) 						      General Commands Manual							   RATS(1)

NAME

       rats - Rough Auditing Tool for Security

SYNOPSIS

       rats [options] [file]...

DESCRIPTION

       rats  is  a  rough auditing tool for security developed by Secure Software, Inc.  It is a tool for scanning C, Perl, PHP, and Python source
       code and flagging common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use)  race  condi-
       tions.	As  its  name  implies,  the  tool performs only a rough analysis of source code.  It will not find every error and will also find
       things that are not errors.  Manual inspection of your code is still necessary, but greatly aided with this tool.

       When started, RATS will scan each file or each file in the directory specified on the command line and produce a report	when  scanning	is
       complete.   What  vulnerabilities  are reported in the final report depend on the data contained in the vulnerability database or databases
       that are used and the warning level in use.

       For each vulnerability, the list of files and line numbers where it occured is given, followed by a brief description of the  vulnerability
       and suggested action.

OPTIONS

       -h, --help
	      Displays a brief usage summary and exit.

       -a <fun>
	      Report any occurence of function 'fun' in the source file(s)

       -d <filename>, --database <filename>, --db <filename>
	      Specifies a vulnerability database to be loaded.	You may have multiple -d options and each database specified will be loaded.

       -i, --input
	      Causes a list of function calls that were used which accept external input to be produced at the end of the vulnerability report.

       -l <lang>, --language <language>
	      Force the specified language to be used regardless of filename extension.  Currently valid language names are "c", "perl", "php" and
	      "python".

       -r, --references
	      Causes references to vulnerable function calls that are not being used as calls themselves to be reported.

       -w <level>, --warning <level>
	      Sets the warning level. Valid levels are 1, 2 or 3.

	      1 includes only default and high severity.

	      2 includes medium severity (default).

	      3 includes low severity vulnerabilities.

       -x     Causes the default vulnerability databases (which are in the installation data directory, /usr/share/rats  by  default)  to  not	be
	      loaded.

       -R, --no-recurssion
	      Do not recurse subdirectories when encountered.

       --xml  Output in XML

       --html Output in HTML

       --follow-symlinks
	      Follow  symlinks	and treat them like whatever they are pointing to.  If the symlink points to a directory it will be descended into
	      unless -R is specified, if a pointing to a file, it will be treated as a file.

AUTHOR

       This manual page was orginally written by Adam Lazur <adam@lazur.org>, for the Debian GNU/Linux system (but may be used by others).

       Modified by Secure Software, Inc.

								September 17, 2001							   RATS(1)