7.2

CVE-2011-0043

EPSS 0.78%
Published 10.02.2011 16:00:13
Last modified 11.04.2025 00:51:21
Source secure@microsoft.com
Teams watchlist Login
Open Login

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2003 Server Updatesp2

Microsoft ≫ Windows 2003 Server Updatesp2 Editionitanium

Microsoft ≫ Windows Server 2003 Updatesp2

Microsoft ≫ Windows Xp Updatesp3

Microsoft ≫ Windows Xp Version- Updatesp2 Editionx64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.78%	0.73

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://osvdb.org/70834

http://secunia.com/advisories/43251

Vendor Advisory

http://support.avaya.com/css/P8/documents/100127250

http://www.securityfocus.com/bid/46130

http://www.securitytracker.com/id?1025048

http://www.vupen.com/english/advisories/2011/0326

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-013

https://exchange.xforce.ibmcloud.com/vulnerabilities/64900

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12432

https://nvd.nist.gov/vuln/detail/CVE-2011-0043

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-0043

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-0043

EUVD