(HP Issues Fix for HP LoadRunner) Microsoft Windows Kerberos KDC Signature Validation Flaw Lets Remote Authenticated Users
|
SecurityTracker Alert ID: 1031628 |
SecurityTracker URL: http://securitytracker.com/id/1031628
|
CVE Reference:
CVE-2014-6324
|
Date: Jan 26 2015
|
Impact:
User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 12.01
|
Description:
A vulnerability was reported in Microsoft Windows Kerberos. A remote authenticated user can gain elevated privileges. HP LoadRunner is affected.
The Microsoft Kerberos KDC implementation does not properly validate signatures. A remote authenticated unprivileged domain user can exploit this flaw to forge portions of a Kerberos service ticket and gain domain administrator privileges.
This vulnerability is being actively exploited in limited situations. The vendor reports that the known active attacks do not affect Windows Server 2012 and Windows Server 2012 R2.
The Qualcomm Information Security and Risk Management team, including Tom Maddock, reported this vulnerability.
|
Impact:
A remote authenticated user can gain domain administrator privileges.
|
Solution:
HP has issued a fix for HP LoadRunner, which includes a vulnerable version of Windows in virtual machine images.
The HP advisory is available at:
http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04526330
|
Vendor URL: technet.microsoft.com/library/security/ms14-068
|
Cause:
Authentication error
|