MS11-013: Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930)

high Nessus Plugin ID 51913

Synopsis

The remote implementation of Kerberos is affected by one or more vulnerabilities.

Description

The implementation of Kerberos on the remote Windows host is affected by one or more vulnerabilities :

- Microsoft's Kerberos implementation uses a weak hashing mechanism, which can allow for certain aspects of a Kerberos service ticket to be forged. Note that this is not exploitable on domains where the domain controllers are running Windows Server 2008 or Windows Server 2008 R2. (CVE-2011-0043)

- An attacker can force a downgrade in Kerberos communication between a client and server to a weaker encryption standard than negotiated originally by means of a man-in-the-middle attack because Windows does not correctly enforce the stronger default encryption standards included in Windows 7 and Windows Server 2008 R2. Note that this issue only affects implementations of Kerberos on Windows 7 and Windows Server 2008 R2.
(CVE-2011-0091)

Solution

Microsoft has released a set of patches for Windows XP, 2003, 7, and 2008 R2.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2011/ms11-013

Plugin Details

Severity: High

ID: 51913

File Name: smb_nt_ms11-013.nasl

Version: 1.17

Type: local

Agent: windows

Published: 2/8/2011

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 2/8/2011

Vulnerability Publication Date: 2/8/2011

Reference Information

CVE: CVE-2011-0043, CVE-2011-0091

BID: 46130, 46140

MSFT: MS11-013

MSKB: 2425227, 2478971