Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9
CVSSv2

CVE-2014-6324

Published: 18/11/2014 Updated: 26/02/2019
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
VMScore: 906
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Subscribe to Windows 8.1

Vulnerability Summary

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 8.1

microsoft windows server 2012 -

microsoft windows 7

microsoft windows 8

microsoft windows server 2008

microsoft windows server 2008 r2

microsoft windows vista -

microsoft windows server 2003

microsoft windows server 2012 r2

Exploits

Exploit DB: Microsoft Windows Kerberos - Privilege Escalation (MS14-068)
#!/usr/bin/python # MS14-068 Exploit # Author # ------ # Sylvain Monne # Contact : sylvain dot monne at solucom dot fr # twittercom/bidord import sys, os from random import getrandbits from time import time, localtime, strftime from kekccache import CCache, get_tgt_cred, kdc_rep2ccache from kekcrypto import generate_subkey, ntlm_has ...

Github Repositories

https://github.com/mubix/pykek

Kerberos Exploitation Kit

Python Kerberos Exploitation Kit PyKEK (Python Kerberos Exploitation Kit), a python library to manipulate KRB5-related data (Still in development) For now, only a few functionalities have been implemented (in a quite Quick'n'Dirty way) to exploit MS14-068 (CVE-2014-6324) More is coming Author Sylvain Monné Contact : sylvain dot monne at solucom dot fr ht

https://github.com/bigbael/as-rep-roast

Project (in Python) that retrieves hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.

as-rep-roast Author Jason Martinsen Python code to execute an AS-REP Roasting attack USE ONLY AGAINST AUTHORIZED TARGETS Usage : USAGE: as-rep-roastpy -u <userName>@<domainName> -d <domainControlerAddr> Hashcat compatible output will be piped to screen and to hashcatout file This code is base

References

CWE-264http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspxhttp://www.us-cert.gov/ncas/alerts/TA14-323Ahttp://www.securitytracker.com/id/1031237http://marc.info/?l=bugtraq&m=142350249315918&w=2http://www.securityfocus.com/bid/70958http://secunia.com/advisories/62556https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-068https://nvd.nist.govhttps://github.com/mubix/pykekhttps://www.exploit-db.com/exploits/35474/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook