Lucene search
PRIOn knowledge basePRION:CVE-2015-0006HistoryJan 13, 2015 - 10:59 p.m.
Security feature bypass
2015-01-1322:59:00
PRIOn knowledge base
www.prio-n.com
3
The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka “NLA Security Feature Bypass Vulnerability.”
| CPE | Name | Operator | Version |
|---|---|---|---|
| windows_7 | eq | - sp1 | |
| windows_server_2008 | eq | - sp2 | |
| windows_server_2008 | eq | r2 sp1 | |
| windows_server_2012 | eq | 2.0.114 | |
| windows_vista | eq | - sp2 |
Related
cve
cve
CVE-2015-0006
2015-01-13 22:59:03
checkpoint_advisories
checkpoint_advisories
Microsoft Windows NLA Security Feature Bypass (MS15-005; CVE-2015-0006)
2015-01-13 00:00:00
nessus
nessus
nvd
nvd
CVE-2015-0006
2015-01-13 22:59:03
symantec
symantec
cvelist
cvelist
CVE-2015-0006
2015-01-13 22:00:00
openvas
openvas
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2015-01-19 00:00:00
kaspersky
kaspersky
KLA10589 Multiple vulnerabilities in Microsoft products
2015-03-04 00:00:00