Home

CVE-2009-3675

Description

LSASS.exe in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote authenticated users to cause a denial of service (CPU consumption) via a malformed ISAKMP request over IPsec, aka Local Security Authority Subsystem Service Resource Exhaustion Vulnerability.

Risk Information

Base Score
6.5
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
45.401

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Windows 2000 (KB974392)Windows
Security Update for Windows XP (KB974392) x86 based systemsWindows
Security Update for Windows XP (KB974392) x86 based systems for SP3Windows
Security Update for Windows Server 2003 (KB974392)Windows
Security Update for Windows XP x64 Edition (KB974392)Windows
Security Update for Windows Server 2003 x64 Edition (KB974392)Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234