Executive Summary

Summary
Title: Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
Information
Name: MS14-016
First vendor Publication: 2014-03-11
Vendor: Microsoft
Last vendor Modification: 2014-09-10
Severity (Vendor): Important
Revision: 1.2

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:N/I:C/A:N)
Cvss Base Score: 5.4
Cvss Impact Score: 6.9
Cvss Exploit Score: 4.9
Attack Range: Network
Attack Complexity: High
Authentication: None Required

Detail

Severity Rating: Important
Revision Note: V1.2 (September 10, 2014): Revised Update FAQ and entries in the Operating System column of the Affected Software table to further clarify what version of Active Directory must be installed on a system to be offered the update. These are informational changes only.
Summary: This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker makes multiple attempts to match passwords to a username.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS14-016

CWE : Common Weakness Enumeration

% | Id | Name
50 % | CWE-264 | Permissions, Privileges, and Access Controls
50 % | CWE-20 | Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24048
 
Oval ID: oval:org.mitre.oval:def:24048
Title: SAMR security feature bypass vulnerability (CVE-2014-0317) - MS14-016
Description: The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2014-0317
Version: 12
Platform(s): Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Server 2008, Microsoft Windows Server 2008 R2, Microsoft Windows Vista, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2
Product(s): Active Directory, Active Directory Application Mode, Active Directory Lightweight Directory Service
Definition Synopsis:

CPE : Common Platform Enumeration

Type | Description | Count
Os | | 1
Os | | 3
Os | | 4
Os | | 2
Os | | 2

Information Assurance Vulnerability Management (IAVM)

Date | Description
2014-03-13 | IAVM : 2014-B-0028 - Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability; Severity : Category II - VMSKEY : V0046171

Nessus® Vulnerability Scanner

Date | Description
2014-03-11 | Name : The remote Windows host is affected by a security feature bypass vulnerability.; File : smb_nt_ms14-016.nasl - Type : ACT_GATHER_INFO

Alert History

Date | Information
2016-04-27 02:04:17
  • Multiple Updates
2014-09-11 05:31:45
  • Multiple Updates
2014-09-11 05:20:07
  • Multiple Updates
2014-03-21 00:15:50
  • Multiple Updates
2014-03-17 17:19:02
  • Multiple Updates
2014-03-13 13:31:09
  • Multiple Updates
2014-03-12 13:26:35
  • Multiple Updates
2014-03-12 13:21:33
  • Multiple Updates
2014-03-11 21:20:16
  • First insertion