exploitDog

CVE-2011-0040

Опубликовано: 09 фев. 2011

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a crafted request that triggers name collisions, aka "Active Directory SPN Validation Vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*

EPSS

Процентиль: 97%

0.40229

Средний

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-9w6c-58mr-5mwx

github

почти 4 года назад

The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a crafted request that triggers name collisions, aka "Active Directory SPN Validation Vulnerability."

EPSS

Процентиль: 97%

0.40229

Средний

5 Medium

CVSS2

Дефекты

CWE-20