CVE-2009-3675 - Resource Management Errors vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP
Attack vector | UNKNOWN |
Attack complexity | UNKNOWN |
Privileges required | UNKNOWN |
Confidentiality impact | UNKNOWN |
Integrity impact | UNKNOWN |
Availability impact | UNKNOWN |
Summary
LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka "Local Security Authority Subsystem Service Resource Exhaustion Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | | 7 |
Common Weakness Enumeration (CWE)
Msbulletin
bulletin_id | MS09-069 |
bulletin_url | |
date | 2009-12-08T00:00:00 |
impact | Denial of Service |
knowledgebase_id | 974392 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS09-069.NASL |
description | The version of LSASS running on the remote host improperly handles specially crafted ISAKMP messages communicated through IPsec, causing the system to consume excessive amounts of CPU resources. A remote, authenticated attacker could exploit this to cause a denial of service. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 43061 |
published | 2009-12-08 |
reporter | This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/43061 |
title | MS09-069: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392) |
Oval
accepted | 2010-01-18T04:00:13.327-05:00 |
class | vulnerability |
contributors | |
definition_extensions | |
description | LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka "Local Security Authority Subsystem Service Resource Exhaustion Vulnerability." |
family | windows |
id | oval:org.mitre.oval:def:6639 |
status | accepted |
submitted | 2009-12-09T17:00:00 |
title | Local Security Authority Subsystem Service Resource Exhaustion Vulnerability |
version | 69 |
Seebug
bulletinFamily | exploit |
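description | BUGTRAQ ID: 37218 CVE ID: CVE-2009-3675 Microsoft Windows is a very popular operating system released by Microsoft. The Local Security Authority Subsystem Service (LSASS) on Windows systems does not correctly handle specially crafted ISAKMP messages. If an authenticated remote attacker sends a specially crafted ISAKMP message while communicating over the IPsec protocol with LSASS on an affected system, system resources can be exhausted. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows 2000 Server SP4 Workaround: * Disable the IPSec service. Vendor patch: Microsoft --------- Microsoft has released a security bulletin (MS09-069) and the corresponding patch for this issue: MS09-069: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392) Link: http://www.microsoft.com/technet/security/Bulletin/MS09-069.mspx?pf=true |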
id | SSV:15040 |
last seen | 2017-11-19 |
modified | 2009-12-12 |
published | 2009-12-12 |
reporter | Root |
title | Microsoft Windows LSASS Service ISAKMP Message Remote Denial of Service Vulnerability (MS09-069) |
References
- http://www.us-cert.gov/cas/techalerts/TA09-342A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-069
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6639