Microsoft Windows Active Directory SPN Validation Vulnerability (09 February 2011)

Last Update Date: 11 Feb 2011 Release Date: 9 Feb 2011

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

A denial of service vulnerability exists in implementations of Microsoft Windows Active Directory due to improper validation of service principal names (SPNs), which could result in SPN collisions. When a collision occurs, services that use the SPN will downgrade to NT LAN Manager (NTLM) if they are configured to negotiate. Services that are not configured to negotiate will become unavailable, resulting in a denial of service condition. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding.
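
One way to check a directory for the SPN collisions described above, as an added example that is not part of the original advisory: it parses an LDIF export of `servicePrincipalName` values and reports every SPN registered on more than one account. The export format, the function names and all sample account and host names are assumptions made for the illustration.

```python
import base64
from collections import defaultdict

# Constructed sample LDIF export; all account and host names are made up.
SAMPLE_LDIF = """\
dn: CN=SQLSVC,OU=Service Accounts,DC=example,DC=test
servicePrincipalName: MSSQLSvc/db01.example.test:1433

dn: CN=DB01,OU=Servers,DC=example,DC=test
servicePrincipalName: HOST/db01.example.test
servicePrincipalName: mssqlsvc/DB01.example.test:1433

dn: CN=WEB01,OU=Servers,DC=example,DC=test
servicePrincipalName:: SFRUUC9pbnRyYW5ldC5leGFtcGxlLnRlc3Q=

dn: CN=websvc,OU=Service Accounts,DC=example,DC=test
servicePrincipalName: HTTP/intranet.
 example.test
"""

def parse_ldif(text):
    """Yield (dn, [spn, ...]) per entry; handles folded lines and base64 values."""
    # RFC 2849: a line that starts with one space continues the previous line.
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for block in unfolded.split("\n\n"):
        dn, spns = None, []
        for line in block.splitlines():
            attr, _, rest = line.partition(":")
            if rest.startswith(":"):  # "attr:: value" marks a base64 value
                value = base64.b64decode(rest[1:].strip()).decode("utf-8")
            else:
                value = rest.strip()
            if attr.lower() == "dn":
                dn = value
            elif attr.lower() == "serviceprincipalname":
                spns.append(value)
        if dn:
            yield dn, spns

def find_spn_collisions(text):
    """Return {lower-cased SPN: sorted DNs} for SPNs set on more than one account."""
    owners = defaultdict(set)
    for dn, spns in parse_ldif(text):
        for spn in spns:
            owners[spn.lower()].add(dn)  # SPN matching is case-insensitive
    return {spn: sorted(dns) for spn, dns in owners.items() if len(dns) > 1}

if __name__ == "__main__":
    for spn, dns in find_spn_collisions(SAMPLE_LDIF).items():
        print(f"DUPLICATE SPN {spn}: " + " | ".join(dns))
```

Any SPN it reports is held by more than one account and is a candidate for the negotiate-to-NTLM downgrade or service outage the advisory describes.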


Impact

  • Denial of Service

System / Technologies affected

  • Windows Server 2003
    - Active Directory

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

Download locations for this patch


Vulnerability Identifier


Source


Related Link