Back to search
CVE-2011-0040
Published: Feb 9, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a crafted request that triggers name collisions, aka "Active Directory SPN Validation Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MS11-005
vendor-advisory
x_refsource_MS
70825
vdb-entry
x_refsource_OSVDB
ADV-2011-0319
vdb-entry
x_refsource_VUPEN
1025042
vdb-entry
x_refsource_SECTRACK
43215
third-party-advisory
x_refsource_SECUNIA
ms-win-active-directory-dos(64915)
vdb-entry
x_refsource_XF
46145
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:12485
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now