First published: Wed Mar 11 2015(Updated: )
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
Microsoft Windows Server | =r2 | |
Microsoft Windows Server | =r2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-0005 has a high severity rating due to its potential impact on network security and data confidentiality.
To fix CVE-2015-0005, apply the latest security updates recommended by Microsoft for the affected Windows Server versions.
CVE-2015-0005 affects Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 and R2.
Yes, CVE-2015-0005 can allow remote attackers to spoof endpoints, potentially leading to unauthorized access to sensitive information.
While CVE-2015-0005 was identified in 2015, systems running the affected versions without patches remain vulnerable.