Microsoft Windows Kerberos Denial Of Service Vulnerability (2743555) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS12-069.

Impact

Successful exploitation could allow authenticated attackers to cause a denial of service condition on the affected system. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms12-069.mspx

Insight

The flaw is present due to an error in Kerberos implementation which fails to properly handle a specially crafted session.

Affected

Microsoft Windows 7 Service Pack 1 and prior Microsoft Windows 2008 R2 Service Pack 1 and prior

References

http://secunia.com/advisories/50867/
http://support.microsoft.com/kb/2425227
http://www.microsoft.com/technet/security/bulletin/ms12-069.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2551

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2778344)
Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)
Microsoft IIS FTP Connection Status Request Denial of Service Vulnerability
Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (2567943)
Microsoft Office Information Disclosure Vulnerability (2909976)

Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)

Take action and discover your vulnerabilities