Lucene search

K

[email protected]NVD:CVE-2011-0043

HistoryFeb 10, 2011 - 4:00 p.m.

CVE-2011-0043

2011-02-1016:00:13

CWE-310

[email protected]

web.nvd.nist.gov

1

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

12.6%

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka “Kerberos Unkeyed Checksum Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_2003_serversp2

OR

microsoftwindows_2003_serversp2itanium

OR

microsoftwindows_server_2003sp2

OR

microsoftwindows_xpsp3

OR

microsoftwindows_xpMatch-sp2x64

References

osvdb.org/70834

secunia.com/advisories/43251

support.avaya.com/css/P8/documents/100127250

www.securityfocus.com/bid/46130

www.securitytracker.com/id?1025048

www.vupen.com/english/advisories/2011/0326

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-013

exchange.xforce.ibmcloud.com/vulnerabilities/64900

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12432

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

12.6%

Related for NVD:CVE-2011-0043

cvelist1 prion1 cve1 nessus1 openvas2 mskb1 securityvulns1