|
Microsoft Windows Two Kerberos Vulnerabilities
|
|
Secunia Advisory:
|
SA16368
|
|
|
Release Date:
|
2005-08-09
|
|
Last Update:
|
2005-11-21
|
|
Popularity:
|
11,785 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Spoofing
Exposure of sensitive information
DoS
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Embedded
Microsoft Windows XP Professional
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2005-1981
CVE-2005-1982
|
|
Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious users to cause a DoS (Denial of Service), reveal sensitive information, or impersonate other users.
1) An unspecified error in the handling of special Kerberos messages allows malicious users to cause the domain controller to shutdown.
This vulnerability only affects Microsoft Windows Server 2000 and 2003, which are configured as domain controllers.
2) An unspecified error in the handling of PKINIT transactions, may allow users to impersonate other users by conducting a MITM (Man In The Middle) attack.
This only affects systems using SmartCard authentication.
Solution:
Apply patches.
Microsoft Windows 2000 (requires SP4):
http://www.microsoft.com/downloads/de...=4E34CD17-8710-4E22-8620-3B84139C18BB
Microsoft Windows XP (requires SP1 or SP2):
http://www.microsoft.com/downloads/de...=DD24F6FA-F6BB-4358-8C2F-7F6AB405981A
Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/de...=FB703DBD-3563-41FD-B608-361CC23796A5
Microsoft Windows XP Embedded (with SP2):
http://www.microsoft.com/downloads/de...=e7b6d199-7607-44a8-96fd-5a2386427bd9
Microsoft Windows XP Embedded (with SP1):
http://www.microsoft.com/downloads/de...=47633799-2103-4fc2-b63d-a9581a2d2f2d
Microsoft Windows Server 2003 (with or without SP1):
http://www.microsoft.com/downloads/de...=34E7CF41-C584-4071-A36F-DE19D0D04B97
Microsoft Windows Server 2003 for Itanium-based systems (with or without SP1):
http://www.microsoft.com/downloads/de...=037CD6D6-11F7-4C44-9CFB-4B6D0B9B93CB
Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/de...=B86E688C-B668-4841-B961-7C5412C525EC
Provided and/or discovered by:
1) Tony Chin, Shell
2) Andre Scedrov, Iliano Cervesato, Aaron Jaggard, Joe-Kai Tsay, and Chris Walstad
Changelog:
2005-08-11: Added link to US-CERT vulnerability note.
2005-11-10: Added link to US-CERT vulnerability note.
2005-11-21: Added patch information for Windows XP Embedded.
Original Advisory:
MS05-042 (KB899587):
http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx
Other References:
US-CERT VU#610133:
http://www.kb.cert.org/vuls/id/610133
US-CERT VU#477341:
http://www.kb.cert.org/vuls/id/477341
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
