Lucene search
RootSSV:23179HistoryNov 09, 2011 - 12:00 a.m.
Microsoft Windows活动目录LDAPS身份验证绕过漏洞(MS11-086)
2011-11-0900:00:00
Root
www.seebug.org
13
0.039 Low
EPSS
Percentile
92.0%
CVE ID: CVE-2011-2014
Microsoft Windows是流行的计算机操作系统。
Microsoft Windows在实现上存在安全漏洞,可被恶意用户利用绕过安全限制。
此漏洞源于由于无法根据CRL验证与域账号相关的SSL证书的撤销状态,活动目录在配置为使用LDAP over SSL(非默认设置)时存在错误。
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Storage Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2003
Microsoft Windows 7
厂商补丁:
Microsoft
Microsoft已经为此发布了一个安全公告(MS11-086)以及相应补丁:
MS11-086:Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837)
链接:http://www.microsoft.com/technet/security/bulletin/MS11-086.asp
Related
securityvulns
securityvulns
Microsoft Windows active directory authentication bypass
2011-11-09 00:00:00
cvelist
cvelist
CVE-2011-2014
2011-11-08 21:00:00
nvd
nvd
CVE-2011-2014
2011-11-08 21:55:01
nessus
nessus
openvas
openvas
checkpoint_advisories
checkpoint_advisories
cve
cve
CVE-2011-2014
2011-11-08 21:55:01
mskb
mskb
prion
prion
Authentication flaw
2011-11-08 21:55:00