7.2

CVE-2011-0043

EPSS 0.78%
Veröffentlicht 10.02.2011 16:00:13
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 2003 Server Updatesp2

Microsoft ≫ Windows 2003 Server Updatesp2 Editionitanium

Microsoft ≫ Windows Server 2003 Updatesp2

Microsoft ≫ Windows Xp Updatesp3

Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.78%	0.73

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://osvdb.org/70834

http://secunia.com/advisories/43251

Vendor Advisory

http://support.avaya.com/css/P8/documents/100127250

http://www.securityfocus.com/bid/46130

http://www.securitytracker.com/id?1025048

http://www.vupen.com/english/advisories/2011/0326

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-013

https://exchange.xforce.ibmcloud.com/vulnerabilities/64900

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12432

https://nvd.nist.gov/vuln/detail/CVE-2011-0043

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-0043

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-0043

EUVD