Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2012 SecPodOPENVAS:901301
HistoryOct 10, 2012 - 12:00 a.m.

Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)

2012-10-1000:00:00
Copyright (C) 2012 SecPod
plugins.openvas.org
5

0.533 Medium

EPSS

Percentile

97.6%

JSON

This host is missing an important security update according to
Microsoft Bulletin MS12-069.

###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_ms12-069.nasl 5351 2017-02-20 08:03:12Z mwiegand $
#
# Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)
#
# Authors:
# Sharath S <[email protected]>
#
# Copyright:
# Copyright (c) 2012 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation could allow authenticated attackers to cause a denial
  of service condition on the affected system.
  Impact Level: System";
tag_affected = "Microsoft Windows 7 Service Pack 1 and prior
  Microsoft Windows 2008 R2 Service Pack 1 and prior";
tag_insight = "The flaw is present due to an error in Kerberos implementation which fails to
  properly handle a specially crafted session.";
tag_solution = "Run Windows Update and update the listed hotfixes or download and
  update mentioned hotfixes in the advisory from the below link,
  http://www.microsoft.com/technet/security/bulletin/ms12-069.mspx";
tag_summary = "This host is missing an important security update according to
  Microsoft Bulletin MS12-069.";

if(description)
{
  script_id(901301);
  script_version("$Revision: 5351 $");
  script_cve_id("CVE-2012-2551");
  script_bugtraq_id(55778);
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_tag(name:"last_modification", value:"$Date: 2017-02-20 09:03:12 +0100 (Mon, 20 Feb 2017) $");
  script_tag(name:"creation_date", value:"2012-10-10 09:58:54 +0530 (Wed, 10 Oct 2012)");
  script_name("Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)");
  script_xref(name : "URL" , value : "http://secunia.com/advisories/50867/");
  script_xref(name : "URL" , value : "http://support.microsoft.com/kb/2425227");
  script_xref(name : "URL" , value : "http://www.microsoft.com/technet/security/bulletin/ms12-069.mspx");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 SecPod");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("secpod_reg_enum.nasl");
  script_require_ports(139, 445);
  script_mandatory_keys("SMB/WindowsVersion");

  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");

## Variables Initialization
sysPath = "";
sysVer = "";

## Check for OS and Service Pack
if(hotfix_check_sp(win2008r2:2, win7:2, win7x64:2) <= 0){
  exit(0);
}

## Get System Path
sysPath = smb_get_systemroot();
if(!sysPath){
  exit(0);
}

## Get Version from Kerberos.dll file
sysVer = fetch_file_version(sysPath, file_name:"system32\Kerberos.dll");
if(!sysVer){
  exit(0);
}

## Windows 2008 R2 and Windows 7
if(hotfix_check_sp(win2008r2:2, win7:2, win7x64:2) > 0)
{
  ## Check for Kerberos.dll version
  if(version_is_less(version:sysVer, test_version:"6.1.7600.17095") ||
     version_in_range(version:sysVer, test_version:"6.1.7600.20000", test_version2:"6.1.7600.21297") ||
     version_in_range(version:sysVer, test_version:"6.1.7601.10000", test_version2:"6.1.7601.17925") ||
     version_in_range(version:sysVer, test_version:"6.1.7601.20000", test_version2:"6.1.7601.22083")) {
    security_message(0);
  }
}

Related

checkpoint_advisories 1
securityvulns 1
nessus 1
openvas 1
cvelist 1
cve 1
symantec 1
mskb 1
prion 1
nvd 1
checkpoint_advisories
checkpoint_advisories
Microsoft Kerberos NULL Dereference Denial of Service (MS12-069; CVE-2012-2551)
2012-10-21 00:00:00
securityvulns
securityvulns
Microsoft Windows kerberos server DoS
2012-10-10 00:00:00
nessus
nessus
MS12-069: Vulnerability in Kerberos Could Allow Denial of Service (2743555)
2012-10-10 00:00:00
openvas
openvas
Microsoft Windows Kerberos Denial of Service Vulnerability (2743555)
2012-10-10 00:00:00
cvelist
cvelist
CVE-2012-2551
2012-10-09 21:00:00
cve
cve
CVE-2012-2551
2012-10-09 21:55:02
symantec
symantec
Microsoft Windows Kerberos CVE-2012-2551 Denial of Service Vulnerability
2012-10-09 00:00:00
mskb
mskb
MS12-069: Vulnerability in Kerberos could allow denial of service: October 9, 2012
2012-10-09 00:00:00
prion
prion
Null pointer dereference
2012-10-09 21:55:00
nvd
nvd
CVE-2012-2551
2012-10-09 21:55:02

0.533 Medium

EPSS

Percentile

97.6%

JSON
Related for OPENVAS:901301
checkpoint_advisories1securityvulns1nessus1openvas1cvelist1cve1symantec1mskb1prion1nvd1