CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS15-027 | Vulnerability in NETLOGON Could Allow Spoofing (3002657) | Windows Server | Important | 11-03-2015 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow spoofing if an attacker who is logged on to a domain-joined system runs a specially crafted application that could establish a connection with other domain-joined systems as the impersonated user or system.
Detailed Information on the risk:
A spoofing vulnerability exists in NETLOGON that is caused when the Netlogon service improperly establishes a secure communications channel belonging to a different machine with a spoofed computer name. To successfully exploit this vulnerability, an attacker would first have to be logged on to a domain joined system and be able to observe network traffic. An attacker could then run a specially crafted application that could establish a secure channel connection belonging to different computer. An attacker may be able to use the established secure channel to obtain session-related information for the actual secure channel of the spoofed computer.
Further information on this exploit is available at : MS15-027
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012 R2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)
Affected Software
Windows Server 2003 Service Pack 2Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012 R2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)