Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Denial of Service in Windows Kerberos, PKINIT, and RDP
Kerberos, PKINIT, and Remote Desktop Protocol on Windows are vulnerable to denial of service attacks.
ITPro Today
August 9, 2005
1 Min Read
Denialof Service in Windows Kerberos, PKINIT, and RDP
ReportedAugust 9, 2005 by Microsoft
VERSIONS AFFECTED
Windows 2000Windows XPWindows Server 2003 |
DESCRIPTION
The Kerberos subsystemcontains flaws that could allow an intruder to cause a denial ofservice. The flaw is due to the way domain controllers (DCs) processKerberos messages. The related PKINIT protocol contains a design flawthat could allow information disclosure and spoofing, which could letan intruder intercept communication between a client and server.
RDP contains a flawthat could allow an intruder to launch a Denial of Service (DoS)attack against an affected system. Such an attack might cause theserver to stop responding and to automatically reboot itself.
VENDOR RESPONSE
Microsoft releasedSecurity Bulletin MS05-042, "Vulnerabilitiesin Kerberos Could Allow Denial of Service, Information Disclosure,and Spoofing (899587),"and an associated patch to correct the problem with the Kerberos?service.
Microsoft releasedSecurity Bulletin MS05-041, "Vulnerabilityin Remote Desktop Protocol Could Allow Denial of Service (899591),"and an associated patch to correct the problem with RDP.
CREDITS
TonyChin and Geert Jansen of Shell reported the Kerberos vulnerability;Andre Scedrov, Iliano Cervesato, Aaron Jaggard, Joe-Kai Tsay, andChris Walstad reported the PKINIT vulnerability; Tom Ferris ofSecurity Protocols reported the RDP vulnerability.
About the Author(s)
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
_(1).png?width=700&auto=webp&quality=80&disable=upscale)
.png?width=700&auto=webp&quality=80&disable=upscale)