vulnerability
Microsoft Windows: CVE-2017-0166: LDAP Elevation of Privilege Vulnerability
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Apr 11, 2017 | Apr 11, 2017 | Sep 11, 2024 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Apr 11, 2017
Added
Apr 11, 2017
Modified
Sep 11, 2024
Description
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller, aka "LDAP Elevation of Privilege Vulnerability."
Solution(s)
microsoft-windows-windows_10-1507-kb4015221microsoft-windows-windows_10-1511-kb4015219microsoft-windows-windows_10-1607-kb4015217microsoft-windows-windows_10-1703-kb4015583microsoft-windows-windows_server_2012-kb4015548microsoft-windows-windows_server_2012_r2-kb4015547microsoft-windows-windows_server_2016-1607-kb4015217msft-kb4015068-04b33d9b-804a-4a68-a1df-d591204603f2msft-kb4015068-7531ccd9-3338-4608-a381-083715238017msft-kb4015068-cf049544-5182-4533-bee3-d1e741be5b6fmsft-kb4015068-dc508d94-e015-4010-b668-fd66aa199201msft-kb4015546-592c9a40-6bdc-4122-8496-0b4295cf7a86msft-kb4015546-61107fd4-8fba-4639-9c3a-d70a69936b4emsft-kb4015546-7026cec0-32bf-4488-b45a-838aa929c109msft-kb4015546-c77661d2-7566-4f86-943c-264545419691msft-kb4015546-cc8006a9-8438-45aa-a20d-cceef511098dmsft-kb4015546-e2e88e16-fd32-4c2e-8848-69817601c17bmsft-kb4015547-e0e5d08f-8c2b-4dcf-a8c9-36eb7c174896msft-kb4015547-eb001e30-98fe-4874-a0c9-436635649fddmsft-kb4015548-72db1a7d-338c-4903-9869-9fd8258b643amsft-kb4015548-d1986d38-72dd-4e1a-877e-70a3f77f7802
References
- BID-97446
- CVE-2017-0166
- https://attackerkb.com/topics/CVE-2017-0166
- URL-https://support.microsoft.com/help/4015217
- URL-https://support.microsoft.com/help/4015219
- URL-https://support.microsoft.com/help/4015221
- URL-https://support.microsoft.com/help/4015547
- URL-https://support.microsoft.com/help/4015548
- URL-https://support.microsoft.com/help/4015583

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.