SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Directory)  >   Microsoft Active Directory Vendors:   Microsoft
Microsoft Active Directory Lets Remote Authenticated Users Cause the Target Service to Become Nonresponsive
SecurityTracker Alert ID:  1033492
SecurityTracker URL:  http://securitytracker.com/id/1033492
CVE Reference:   CVE-2015-2535   (Links to External Site)
Date:  Sep 8 2015
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Microsoft Active Directory. A remote authenticated user can cause the target service to crash.

A remote authenticated user with privileges to join machines to the domain can create multiple machine accounts to cause cause the target Active Directory service to become non-responsive.

Andrew Bartlett of Catalyst and the Samba Team reported this vulnerability.

Impact:   A remote authenticated user can cause the target service to become non-responsive.
Solution:   The vendor has issued a fix.

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=13033aec-b83b-4f97-bdcf-061b19718a53

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=5564493b-1226-4aca-b74e-122c0b7a6699

Windows Server 2008 for Itanium-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=f79bc838-e128-406e-91c0-e1a0d2c186b5

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=22182a9d-ee72-4b92-8e4f-fe363fe54727

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=61007b8e-9ddb-4dcf-96be-fc05e02c16c3

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=eb39dd67-2a5d-4f81-9a45-2be1debb042d

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=6789819f-7a09-4256-ac4c-0b61eb264b53

Windows Server 2008 for 32-bit Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=13033aec-b83b-4f97-bdcf-061b19718a53

Windows Server 2008 for x64-based Systems Service Pack 2:

https://www.microsoft.com/downloads/details.aspx?familyid=5564493b-1226-4aca-b74e-122c0b7a6699

Windows Server 2008 R2 for x64-based Systems Service Pack 1:

https://www.microsoft.com/downloads/details.aspx?familyid=22182a9d-ee72-4b92-8e4f-fe363fe54727

Windows Server 2012:

https://www.microsoft.com/downloads/details.aspx?familyid=eb39dd67-2a5d-4f81-9a45-2be1debb042d

Windows Server 2012 R2:

https://www.microsoft.com/downloads/details.aspx?familyid=6789819f-7a09-4256-ac4c-0b61eb264b53

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms15-096

Vendor URL:  technet.microsoft.com/library/security/ms15-096 (Links to External Site)
Cause:   State error
Underlying OS:  Windows (2008), Windows (2012)
Underlying OS Comments:  2008, 2008 R2, 2012, 2012 R2

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC