Published: 11/11/2015 Updated: 17/05/2019

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles password changes, which allows physically proximate malicious users to bypass authentication, and conduct decryption attacks against certain BitLocker configurations, by connecting to an unintended Key Distribution Center (KDC), aka "Windows Kerberos Security Feature Bypass."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows vista -
microsoft windows server 2012 -
microsoft windows server 2012 r2
microsoft windows 8.1 -
microsoft windows 8 -
microsoft windows 10 -
microsoft windows server 2008 r2
microsoft windows server 2008 -
microsoft windows 10 1511
microsoft windows 7 -

Automated Exploit Toolkit for CVE-2015-6095 and CVE-2016-0049

Note; this repository makes references to external repositories (known as Git submodules) After cloning this repository, please make sure to run the following commands to clone those submodules: git submodule init git submodule update BlueBox BlueBox is a collection of scripts and configurations for the automated exploitation of MS15-12

CWE-255 http://www.securitytracker.com/id/1034125 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-122 https://nvd.nist.gov https://github.com/JackOfMostTrades/bluebox

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-6095

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect