SecuritySpace - CVE-2015-2374

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2015-2374

Description: The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon."

Test IDs: 1.3.6.1.4.1.25623.1.0.805075

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-2374
BugTraq ID: 75633
http://www.securityfocus.com/bid/75633
Microsoft Security Bulletin: MS15-071
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-071
http://www.securitytracker.com/id/1032900

CVE ID:	CVE-2015-2374
Description:	The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon."
Test IDs:	1.3.6.1.4.1.25623.1.0.805075
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2374 BugTraq ID: 75633 http://www.securityfocus.com/bid/75633 Microsoft Security Bulletin: MS15-071 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-071 http://www.securitytracker.com/id/1032900