|MS11-005||Vulnerability in Active Directory Could Allow Denial of Service (2478953)||Windows Server||Critical||09-02-2011|
Brief overview of the risk:
This security update resolves a publicly disclosed vulnerability in Active Directory. The vulnerability could allow denial of service if an attacker sent a specially crafted packet to an affected Active Directory server. The attacker must have valid local administrator privileges on the domain-joined computer in order to exploit this vulnerability.
Detailed Information on the risk:
A denial of service vulnerability exists in implementations of Microsoft Windows Active Directory due to improper validation of service principal names (SPN), which could result in SPN collisions. When this occurs, services that use the SPN will downgrade to NT LAN Manager (NTLM) if configured to negotiate. Services that are not configured to negotiate will become unavailable, resulting in a denial of service condition. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding.
Further information on this exploit is available at : MS11-005
Affected SoftwareWindows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems