18609 : Microsoft Windows Kerberos PKINIT Domain Controller Spoofing
Printer | http://osvdb.org/18609 | Email This | Edit Vulnerability

Views This Week

Views All Time

Info

Last Modified

10 months ago

Percent Complete

100%

Disclosure

Aug 09, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Windows contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker inserts himself between a client and domain controller and exploit a design flaw in PKINT to spoof the domain controller, which will disclose session information resulting in a loss of confidentiality.

Classification

Location: Remote/Network Access Required
Attack Type: Hijacking, Information Disclosure
Impact: Loss of Confidentiality
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Technical

An attacker must supply valid authentication credentials in order to exploit this vulnerability.

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	2000 SP4
		XP SP1
		XP SP2
		XP Professional x64 Edition
	Windows Server	2003
		2003 SP1
		2003 for Itanium
		2003 for Itanium SP1
		2003 x64 Edition

References

Security Tracker: 1014642
Secunia Advisory ID: 16368
Related OSVDB ID: 18608
CVE ID: 2005-1982 (see also: NVD)
ISS X-Force ID: 21626
Microsoft Knowledge Base Article: 899587
Microsoft Security Bulletin: MS05-042

Tools & Filters

Nessus	19405

Credit

Andre Scedrov -
Iliano Cervesato -
Aaron Jaggard -
Joe-Kai Tsay -
Chris Walstad -

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Technical

Solution

Products

Microsoft Corporation

Windows

Windows Server

References

Tools & Filters

Credit

Blogs

Comments