Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

T-005: Vulnerability in Active Directory

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) T-005: Vulnerability in Active Directory
# 1  
Old 11-13-2008
T-005: Vulnerability in Active Directory
A remote code execution vulnerability exists inimplementations of Active Directory on Microsoft Windows 2000 Server. This could allow remote code execution. The risk is MEDIUM. The vulnerability is due to incorrect memory allocation when receiving specially crafted LDAP or LDAPS requests. An attacker who successfully exploited this vulnerability could take complete control of an affected system.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Active Directory OR LDAP

Hi, How can we check users added through LDAP or AD. Users added through a group of AD or LDAP group. (2 Replies)
Discussion started by: Nishit
2 Replies

2. Windows & DOS: Issues & Discussions

Integrate RHEL with Active Directory

Hi All, I have been given the task of integrating Linux (RedHat, Ubuntu, CentOS and Mac OSX) with a Windows Server 2012 A.D. if anyone has done this before help would be very much appreciated, I have been looking at using either Samba with Win-bind or SSSD, if anyone has tested this please... (9 Replies)
Discussion started by: stuffer1984
9 Replies

3. UNIX for Advanced & Expert Users

Active Directory with 6.1

Is there anyone who is utilizing Active Directory (2008R2) for AIX user account management? If yes or if AD is possible with AIX systems, can you please share what to be done to get there? Please advise. (1 Reply)
Discussion started by: Daniel Gate
1 Replies

4. Red Hat

ldap and active directory

Hi Friends, I need your help to get some solution of one of my problem. Ours is a mixed domain. Most of the servers are windows and very little linux servers. We are using the MS AD for authentication. My problem is, I want to authenticate linux servers against AD. I donot want to use any... (1 Reply)
Discussion started by: arumon
1 Replies

5. HP-UX

HP-UX authenticating to Active Directory

Hey, I've asked questions about this project here before and gotten lots of help so I figured I'd give it another try. I've recently set up my HP-UX environment to authenticate to a Windows Active Directory server (Windows Server 2003 R2). I setup an account on Active Directory which works... (2 Replies)
Discussion started by: Rike255
2 Replies

6. UNIX for Dummies Questions & Answers

setup active directory

i would like to ask about unix with active directory..actually my situation is at ny place there already have dns server in unix based,i want to implement an active directory to the network..from what i read about active directory we have to used bind dns...some say that bind could not handle in... (1 Reply)
Discussion started by: nour
1 Replies

7. UNIX for Dummies Questions & Answers

Active Directory and UNIX

Hello - I have a very vague question, which will probably result in vague answers because I don't have a lot of detailed information and I don't know a whole lot about active directory. Our Windows/NT admin has been rolling out Active Directory over the past several weeks and as time goes on,... (1 Reply)
Discussion started by: rm -r *
1 Replies

8. Windows & DOS: Issues & Discussions

unix and active directory

Hi Does anybody know the steps and requirements of the installation process of Windows Active Directory using Unix/Linux Bind DNS. I will appreciate if somebody gives the answer. (1 Reply)
Discussion started by: Darwin Rodrigue
1 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

ad

ad(5)							Standards, Environments, and Macros						     ad(5)

NAME

       ad - Active Directory as a naming repository

DESCRIPTION

       Solaris clients can obtain naming information from Active Directory (AD) servers.

       The  Solaris  system  must first join an AD domain and then add the ad keyword to the appropriate entries in the nsswitch.conf(4) file. The
       Solaris system joins the AD domain by using the	kclient(1M) utility. The AD name service only supports the naming databases for passwd and
       group.

       Windows	users  are not able to log in. The user_attr(4) database has no entries for Windows users, and the passwd(1) command does not sup-
       port the synchronization of user passwords with AD.

       The Solaris AD client uses auto-discovery techniques to find AD directory servers, such as domain controllers and global  catalog  servers.
       The  client  also  uses	the  LDAP  v3 protocol to access naming information from AD servers. The AD server schema requires no modification
       because the AD client works with native AD schema. The Solaris AD client uses the idmap(1M) service to map between Windows security identi-
       fiers (SIDs) and Solaris user identifiers (UIDs) and group identifiers (GIDs). User names and group names are taken from the sAMAccountName
       attribute of the AD user and group objects and then tagged with the domain where the objects reside. The domain name is separated from  the
       user name or group name by the @ character.

       The  client  uses  the  SASL/GSSAPI/KRB5  security  model. The kclient utility is used to join the client to AD. During the join operation,
       kclient configures Kerberos v5 on the client. See kclient(1M).

FILES

       /etc/nsswitch.conf      Configuration file for the name-service switch.

       /etc/nsswitch.ad        Sample configuration file for the name-service switch configured with ad, dns and files.

       /usr/lib/nss_ad.so.1    Name service switch module for AD.

SEE ALSO

       passwd(1), svcs(1), idmap(1M), idmapd(1M), kclient(1M), svcadm(1M), svccfg(1M), svccfg(1M), nsswitch.conf(4), user_attr(4), smf(5)

SunOS 5.11							    22 Oct 2008 							     ad(5)