Vulnerabilities > CVE-2015-0009 - 7PK - Security Features vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows man-in-the-middle attackers to disable a signing requirement and trigger a revert-to-default action by spoofing domain-controller responses, aka "Group Policy Security Feature Bypass Vulnerability."
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
id | EDB-ID:47559 |
last seen | 2019-10-30 |
modified | 2019-10-29 |
published | 2019-10-29 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/47559 |
title | Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass |
Msbulletin
bulletin_id | MS15-014 |
bulletin_url | |
date | 2015-02-10T00:00:00 |
impact | Security Feature Bypass |
knowledgebase_id | 3004361 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Group Policy Could Allow Security Feature Bypass |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS15-014.NASL |
description | The version of Windows running on the remote host is affected by a security downgrade vulnerability that affects workstations and servers configured to use Group Policy. A man-in-the-middle attacker, via modified domain controller responses sent to targeted systems, can cause the policy file to become corrupted and unreadable, resulting in the Group Policy settings reverting to their default, potentially less secure, state. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 81267 |
published | 2015-02-10 |
reporter | This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/81267 |
title | MS15-014: Vulnerability in Group Policy Could Allow Security Feature Bypass (3004361) |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/155007/msws2012gp-bypass.txt |
id | PACKETSTORM:155007 |
last seen | 2019-10-30 |
published | 2019-10-29 |
reporter | Thomas Zuk |
source | https://packetstormsecurity.com/files/155007/Microsoft-Windows-Server-2012-Group-Policy-Security-Feature-Bypass.html |
title | Microsoft Windows Server 2012 Group Policy Security Feature Bypass |
References
- http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx
- http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx
- http://packetstormsecurity.com/files/155007/Microsoft-Windows-Server-2012-Group-Policy-Security-Feature-Bypass.html
- http://packetstormsecurity.com/files/155007/Microsoft-Windows-Server-2012-Group-Policy-Security-Feature-Bypass.html
- http://www.securityfocus.com/bid/72476
- http://www.securityfocus.com/bid/72476
- http://www.securitytracker.com/id/1031722
- http://www.securitytracker.com/id/1031722
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-014
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-014