Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0166: LDAP Elevation of Privilege Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2017-0166: LDAP Elevation of Privilege Vulnerability

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

04/11/2017

Created

07/25/2018

Added

04/11/2017

Modified

11/18/2021

Description

An elevation of privilege vulnerability exists when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller. An attacker who successfully exploited this vulnerability could run processes in an elevated context. The update addresses the vulnerability by correcting how LDAP request buffer lengths are calculated.

Solution(s)

msft-kb4015068-04b33d9b-804a-4a68-a1df-d591204603f2
msft-kb4015068-7531ccd9-3338-4608-a381-083715238017
msft-kb4015068-cf049544-5182-4533-bee3-d1e741be5b6f
msft-kb4015068-dc508d94-e015-4010-b668-fd66aa199201
msft-kb4015217-455d76f1-ba4b-48e6-80a2-aaedf9dbf6ed
msft-kb4015217-4a4cfa3f-337e-496e-9d32-a143afcb27f4
msft-kb4015217-573050f8-8958-4f78-bf90-019ef167a2c0
msft-kb4015219-9543acec-5076-4c61-bf83-e4a710166548
msft-kb4015219-a1b819d9-d5d2-4b33-ae8c-444fcf07063a
msft-kb4015221-9827321e-56c9-4c7a-9753-b8d250d58183
msft-kb4015221-99f960a7-07f7-478d-bd16-686208928c61
msft-kb4015546-592c9a40-6bdc-4122-8496-0b4295cf7a86
msft-kb4015546-61107fd4-8fba-4639-9c3a-d70a69936b4e
msft-kb4015546-7026cec0-32bf-4488-b45a-838aa929c109
msft-kb4015546-c77661d2-7566-4f86-943c-264545419691
msft-kb4015546-cc8006a9-8438-45aa-a20d-cceef511098d
msft-kb4015546-e2e88e16-fd32-4c2e-8848-69817601c17b
msft-kb4015547-79629e4e-67eb-438d-9420-17c673012731
msft-kb4015547-e0e5d08f-8c2b-4dcf-a8c9-36eb7c174896
msft-kb4015547-eb001e30-98fe-4874-a0c9-436635649fdd
msft-kb4015548-31ca69ca-ca73-4405-860b-037051bd1984
msft-kb4015548-72db1a7d-338c-4903-9869-9fd8258b643a
msft-kb4015548-d1986d38-72dd-4e1a-877e-70a3f77f7802
msft-kb4015583-184f9486-a9fd-46f9-9f83-0a07c0c939ea
msft-kb4015583-4816e53b-6f86-43c5-a740-0cafbe6317f5

References

https://attackerkb.com/topics/cve-2017-0166
CVE - 2017-0166
4015068
4015217
4015219
4015221
4015546
4015547
4015548
4015549
4015550
4015551
4015583

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-0166: LDAP Elevation of Privilege Vulnerability

Microsoft CVE-2017-0166: LDAP Elevation of Privilege Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.