Esta actualización de seguridad resuelve una vulnerabilidad en Active Directory. La vulnerabilidad podría permitir la denegación de servicio si un atacante envía una consulta especialmente diseñado para el Lightweight Directory Access Protocol (LDAP). Esta actualización de seguridad se considera importante para Active Directory, Active Directory Application Mode (ADAM), Servicio de directorio ligero de Active Directory (AD LDS), y servicios de Active Directory en los servidores de Microsoft Windows (excluyendo sistemas basados en Itanium) y considera baja en clientes de Microsoft Windows . La actualización de seguridad corrige la vulnerabilidad al modificar la forma del servicio LDAP maneja especialmente diseñados consultas LDAP.
Microsoft Windows Windows 7 for 32-bit Systems | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows 7 for 32-bit Systems Service Pack 1 | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows 7 for x64-based Systems | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows 7 for x64-based Systems Service Pack 1 | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows 8 for 32-bit Systems | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows 8 for 64-bit Systems | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows Server 2003 Service Pack 2 | ADAM | < | 2801109 |
Microsoft Windows Windows Server 2003 with SP2 for Itanium-based Systems | ADAM | < | 2772930 |
Microsoft Windows Windows Server 2003 x64 Edition Service Pack 2 | ADAM | < | 2772930 |
Microsoft Windows Windows Server 2003 x64 Edition Service Pack 2 | ADAM | < | 2801109 |
Microsoft Windows Windows Server 2008 R2 for x64-based Systems | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows Server 2008 R2 for x64-based Systems | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Server 2008 R2 for x64-based Systems Service Pack 2 (Server Core installation) | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows Server 2008 R2 for x64-based Systems Service Pack 2 (Server Core installation) | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2* | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2* | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2* | Active Directory Lightweight Directory Service (AD LDS) | < | 2772930 |
Microsoft Windows Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2* | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Server 2012 | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Server 2012 (Server Core installation) | Active Directory Services | < | 2772930 |
Microsoft Windows Windows Vista Service Pack 2 | ADAM | < | 2772930 |
Microsoft Windows Windows Vista x64 Edition Service Pack 2 | ADAM | < | 2772930 |
Microsoft Windows Windows XP Professional x64 Edition SP2 | ADAM | < | 2801109 |
Microsoft Windows Windows XP Service Pack 2 and Windows XP SP 3 | ADAM | < | 2801109 |
Vulnerabilidad de consumo de memoria - CVE-2013-1282
Código de explotacion inconsistente
Vulnerabilidad de consumo de memoria - CVE-2013-1282
Una vulnerabilidad de denegación de servicio en implementaciones de Active Directory que podría provocar que el servicio deje de responder. La vulnerabilidad se debe a que el servicio LDAP falla al manejar una consulta especialmente diseñada.
Vulnerabilidad de consumo de memoria - CVE-2013-1282
Un atacante que aprovecha esta vulnerabilidad podría provocar que el servicio LDAP deje de responder.
La Coordinación de Seguridad de la Información/UNAM-CERT agradece el apoyo en la elaboración ó traducción y revisión de éste Documento a:
UNAM-CERT
Equipo de Respuesta a Incidentes UNAM
Coordinación de Seguridad de la Información
incidentes at seguridad.unam.mx
phishing at seguridad.unam.mx
http://www.cert.org.mx
http://www.seguridad.unam.mx
ftp://ftp.seguridad.unam.mx
Tel: 56 22 81 69
Fax: 56 22 80 47
Aviso legal |
Créditos |
Staff |
Administración
Copyright © Todos los derechos reservados
UNAM - CERT