QwikSec

Security Database

CVE

CWE

Training

CVE-2014-6324

Published: Nov 18, 2014

Modified: Oct 22, 2025

PUBLISHED

Description

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_HP

http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_MS

vendor-advisory

x_refsource_HP

third-party-advisory

x_refsource_CERT

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.