Executive Summary

Informations
NameCVE-2011-2014First vendor Publication2011-11-08
VendorCveLast vendor Modification2012-02-14

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score9Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka "LDAPS Authentication Bypass Vulnerability."

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2014

CWE : Common Weakness Enumeration

idName
CWE-287Improper Authentication

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13278
 
Oval ID: oval:org.mitre.oval:def:13278
Title: LDAPS Authentication Bypass Vulnerability
Description: The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka "LDAPS Authentication Bypass Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2011-2014
Version: 9
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os4
Os3
Os4
Os2
Os2

OpenVAS Exploits

DateDescription
2011-11-09Name : Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability ...
File : nvt/secpod_ms11-086.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
76902Microsoft Windows Active Directory LDAPS CRL Handling Weakness Authentication...

Nessus® Vulnerability Scanner

DateDescription
2011-11-08Name : The installed version of Active Directory is affected by a vulnerability that...
File : smb_nt_ms11-086.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
MShttp://technet.microsoft.com/security/bulletin/MS11-086
SECTRACKhttp://www.securitytracker.com/id?1026294

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 11:02:36
  • Multiple Updates
2013-05-10 23:01:02
  • Multiple Updates