Executive Summary
Summary | |
---|---|
Title | Microsoft Windows NTLM automatically authenticates via SMB when following a file |
Informations | |||
---|---|---|---|
Name | VU#672268 | First vendor Publication | 2015-04-13 |
Vendor | VU-CERT | Last vendor Modification | 2015-04-17 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | Not Defined | Attack Range | Not Defined |
Cvss Impact Score | Not Defined | Attack Complexity | Not Defined |
Cvss Expoit Score | Not Defined | Authentication | Not Defined |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#672268Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URLOverviewSoftware running on Microsoft Windows that utilizes HTTP requests can be forwarded to a file:// protocol on a malicious server, which causes Windows to automatically attempt authentication via SMB to the malicious server in some circumstances. The encrypted form of the user's credentials are then logged on the malicious server. This vulnerability is alternatively known as "Redirect to SMB". Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditThanks to Brian Wallace of Cylance, Inc., for reporting this vulnerability. This document was written by Garret Wassermann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/672268 |
Alert History
Date | Informations |
---|---|
2015-04-17 21:25:16 |
|
2015-04-15 05:26:56 |
|
2015-04-14 00:24:30 |
|
2015-04-13 21:25:32 |
|
2015-04-13 17:26:33 |
|