CVSS: 5.0EPSS: 23%CPEs: 14EXPL: 0CVE-2013-3868
https://notcve.org/view.php?id=CVE-2013-3868
Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP directory-service outage) via a crafted LDAP query, aka "Remote Anonymous DoS Vulnerability." Microsoft Active Directory Lightweight Directory Service (AD LDS) en Windows Vista SP2, Windows Server 2008 SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1 y Windows 8; y Active Directory Services en Windows Server 2008 SP2 and R2 SP1 y Server 2012 permite a atacantes remotos causar una denegación de servicio (agotamiento de directory-service LDAP) a través de una consulta LDAP manipulada, tambien conocido como "Vulnerabilidad de DoS Anónimo Remoto". • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-079 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 50%CPEs: 4EXPL: 0CVE-2013-1282
https://notcve.org/view.php?id=CVE-2013-1282
The LDAP service in Microsoft Active Directory, Active Directory Application Mode (ADAM), Active Directory Lightweight Directory Service (AD LDS), and Active Directory Services allows remote attackers to cause a denial of service (memory consumption and service outage) via a crafted query, aka "Memory Consumption Vulnerability." El servicio LDAP en Microsoft Active Directory, Active Directory Application Mode (ADAM), Servicio de directorio ligero de Active Directory (AD LDS), y servicios de Active Directory permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y corte de servicio) a través de una consulta hecha a mano , también conocido como "Memory Consumption Vulnerability". • http://www.us-cert.gov/ncas/alerts/TA13-100A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16463 • CWE-20: Improper Input Validation •