Microsoft Windows Kerberos Denial Of Service Vulnerability (2743555) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS12-069.

Impact

Successful exploitation could allow authenticated attackers to cause a denial of service condition on the affected system. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms12-069.mspx

Insight

The flaw is present due to an error in Kerberos implementation which fails to properly handle a specially crafted session.

Affected

Microsoft Windows 7 Service Pack 1 and prior Microsoft Windows 2008 R2 Service Pack 1 and prior

References

http://secunia.com/advisories/50867/
http://support.microsoft.com/kb/2425227
http://www.microsoft.com/technet/security/bulletin/ms12-069.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-2551
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Microsoft .NET Framework Chart Control Information Disclosure Vulnerability (2567943)
Microsoft SharePoint Foundation Privilege Elevation Vulnerability (3000431)
Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)
Microsoft Windows LSASS Denial of Service Vulnerability (975467)
Microsoft Lync Server Information Disclosure Vulnerability (2969258)

Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)

Take action and discover your vulnerabilities