Published: 11/03/2015 Updated: 08/05/2019
CVSS v2 Base Score: 4.3 | Impact Score: 4.9 | Exploitability Score: 5.5
VMScore: 383
Vector: AV:A/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote malicious users to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2012 r2

microsoft windows server 2008 r2

microsoft windows server 2012 -

microsoft windows 2003 server

microsoft windows server 2008

Mailing Lists

Core Security Technologies Advisory - The Microsoft Netlogon Remote Protocol is a remote procedure call (RPC) interface that is used, among other things, for user and machine authentication on domain-based networks In a scenario where a client machine connects to a domain-joined server, a pass-through authentication must be performed in order for ...