SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows DLL (Any) Vendors:   Microsoft
Windows Netlogon Service Lets Remote Authenticated Users Obtain Credentials from the Target PDC
SecurityTracker Alert ID:  1032900
SecurityTracker URL:  http://securitytracker.com/id/1032900
CVE Reference:   CVE-2015-2374   (Links to External Site)
Date:  Jul 14 2015
Impact:   Disclosure of authentication information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2003 SP2, 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2008 SP2, 2008 R2 SP1; and prior service packs
Description:   A vulnerability was reported in Windows Netlogon Service. A remote authenticated user can gain elevated privileges.

The Windows Netlogon service does not properly establish a secure communications channel to a primary domain controller (PDC).

A remote authenticated user on a system that has access to a PDC on the target network can connect to the PDC and trigger a flaw in the Windows Netlogon service to act as a backup domain controller (BDC) and potentially obtain authentication credentials from the target PDC.

Systems configured as domain controllers are affected.

Impact:   A remote authenticated user can obtain authentication credentials from the target PDC.
Solution:   The vendor has issued a fix.

Windows Server 2003 Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=224C773F-6BF0-4F0D-B737-A073556A5DF6

Windows Server 2003 x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=DB9DAB65-8744-4A80-9A43-AD6B5145E404

Windows Server 2003 with SP2 for Itanium-based Systems:

https://www.microsoft.com/downloads/details.aspx?familyid=CFB594F3-05CD-45EC-A2AD-2D5AF70BC052

Windows Server 2003 R2 Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=224C773F-6BF0-4F0D-B737-A073556A5DF6

Windows Server 2003 R2 x64 Edition Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=DB9DAB65-8744-4A80-9A43-AD6B5145E404

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=4d8d1e73-33c3-4ce8-b228-5cb7ca845905

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=d9311f75-776e-4c08-bdbb-c66adb2db974

Windows Server 2008 for Itanium-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=c110c5c7-acfb-46af-92dd-25090e0e03d6

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=D8B94457-0DF9-4C8D-911E-B1790B4276F2

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=DE8CB5C2-4A4B-4614-98B5-1E69B88BD060

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=E909A5E3-BD69-40EA-94DB-98C6FDFC7E3D

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=B1B74A41-1F3C-42FC-A035-C823A327E008

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=4d8d1e73-33c3-4ce8-b228-5cb7ca845905

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=d9311f75-776e-4c08-bdbb-c66adb2db974

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=D8B94457-0DF9-4C8D-911E-B1790B4276F2

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=E909A5E3-BD69-40EA-94DB-98C6FDFC7E3D

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=B1B74A41-1F3C-42FC-A035-C823A327E008

A restart is required.

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms15-071

Vendor URL:  technet.microsoft.com/library/security/ms15-071 (Links to External Site)
Cause:   Not specified

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC