Back to search
CVE-2015-0005
Published: Mar 11, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.samba.org/samba/history/samba-4.2.10.html
x_refsource_CONFIRM
1031891
vdb-entry
x_refsource_SECTRACK
20150310 [CORE-2015-0005] - Windows Pass-Through Authentication Methods Improper Validation
mailing-list
x_refsource_FULLDISC
MS15-027
vendor-advisory
x_refsource_MS
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now