Vulnerabilities > CVE-2012-2551 - Denial of Service vulnerability in Microsoft Windows Kerberos
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, and Windows 7 Gold and SP1, allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a crafted session request, aka "Kerberos NULL Dereference Vulnerability." Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 8 |
Msbulletin
bulletin_id | MS12-069 |
bulletin_url | |
date | 2012-10-09T00:00:00 |
impact | Denial of Service |
knowledgebase_id | 2743555 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Kerberos Could Allow Denial of Service |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS12-069.NASL |
description | The remote Windows host is affected by a vulnerability that could result in a denial of service if a remote attacker sends a specially crafted session request to the Kerberos server. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 62464 |
published | 2012-10-10 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/62464 |
title | MS12-069: Vulnerability in Kerberos Could Allow Denial of Service (2743555) |
code |
|
Oval
accepted | 2012-11-26T04:00:09.855-05:00 | ||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||
description | The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, and Windows 7 Gold and SP1, allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a crafted session request, aka "Kerberos NULL Dereference Vulnerability." | ||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:15674 | ||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||
submitted | 2012-10-17T09:26:06 | ||||||||||||||||||||||||||||
title | Kerberos NULL dereference vulnerability - MS12-069 | ||||||||||||||||||||||||||||
version | 72 |
References
- http://secunia.com/advisories/50867
- http://www.securityfocus.com/bid/55778
- http://www.securitytracker.com/id?1027620
- http://www.us-cert.gov/cas/techalerts/TA12-283A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-069
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15674