Executive Summary

Title: Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)
Name: MS14-016
Vendor: Microsoft
Severity (Vendor): Important
First vendor Publication: 2014-03-11
Last vendor Modification: 2014-09-10
Revision: 1.2

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS Score: N/A
Base Score: N/A
Environmental Score: N/A
Impact Sub Score: N/A
Temporal Score: N/A
Exploitability Sub Score: N/A

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:H/Au:N/C:N/I:C/A:N)
CVSS Base Score: 5.4
CVSS Impact Score: 6.9
CVSS Exploit Score: 4.9
Attack Range: Network
Attack Complexity: High
Authentication: None Required


Severity Rating: Important
Revision Note: V1.2 (September 10, 2014): Revised Update FAQ and entries in the Operating System column of the Affected Software table to further clarify what version of Active Directory must be installed on a system to be offered the update. These are informational changes only.
Summary: This security update resolves one privately reported vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker makes multiple attempts to match passwords to a username.

Original Source

URL: https://technet.microsoft.com/en-us/library/security/MS14-016

CWE : Common Weakness Enumeration

Weight  Id       Name
50 %    CWE-264  Permissions, Privileges, and Access Controls
50 %    CWE-20   Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24048
Oval ID: oval:org.mitre.oval:def:24048
Title: SAMR security feature bypass vulnerability (CVE-2014-0317) - MS14-016
Description: The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability."
Family: windows
Class: vulnerability
Reference(s): CVE-2014-0317
Version: 12
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Active Directory
Active Directory Application Mode
Active Directory Lightweight Directory Service
Information Assurance Vulnerability Management (IAVM)

Date        Description
2014-03-13  IAVM 2014-B-0028 - Microsoft Security Account Manager Remote (SAMR) Security Bypass Vulnerability
            Severity: Category II - VMSKEY: V0046171

Nessus® Vulnerability Scanner

Date        Description
2014-03-11  Name: The remote Windows host is affected by a security feature bypass vulnerability.
            File: smb_nt_ms14-016.nasl - Type: ACT_GATHER_INFO

Alert History

Date                 Information
2016-04-27 02:04:17  Multiple Updates
2014-09-11 05:31:45  Multiple Updates
2014-09-11 05:20:07  Multiple Updates
2014-03-21 00:15:50  Multiple Updates
2014-03-17 17:19:02  Multiple Updates
2014-03-13 13:31:09  Multiple Updates
2014-03-12 13:26:35  Multiple Updates
2014-03-12 13:21:33  Multiple Updates
2014-03-11 21:20:16  First insertion