Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
An elevation of privilege vulnerability exists in Active Directory when configured to use LDAP over SSL (LDAPS). An attacker could exploit this vulnerability by using a previously revoked certificate to authenticate to the Active Directory domain and gain access to network resources or run code under the privileges of a specific authorized user with which the certificate is associated.
Impact
- Elevation of Privilege
System / Technologies affected
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
http://technet.microsoft.com/en-us/security/bulletin/ms11-086
Vulnerability Identifier
Source
Related Link
Share with