Vulnerability Details CVE-2015-0005
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.8%
CVSS Severity
CVSS v2 Score 4.3
References
- http://packetstormsecurity.com/files/130773/Windows-Pass-Through-Authentication-Methods-Improper-Validation.html
- http://seclists.org/fulldisclosure/2015/Mar/60
- http://www.coresecurity.com/advisories/windows-pass-through-authentication-methods-improper-validation
- http://www.securitytracker.com/id/1031891
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-027
- https://www.samba.org/samba/history/samba-4.2.10.html
- http://packetstormsecurity.com/files/130773/Windows-Pass-Through-Authentication-Methods-Improper-Validation.html
- http://seclists.org/fulldisclosure/2015/Mar/60
- http://www.coresecurity.com/advisories/windows-pass-through-authentication-methods-improper-validation
- http://www.securitytracker.com/id/1031891
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-027
- https://www.samba.org/samba/history/samba-4.2.10.html
Products affected by CVE-2015-0005
-
cpe:2.3:o:microsoft:windows_2003_server:-
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_server_2012:-
-
cpe:2.3:o:microsoft:windows_server_2012:r2