Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:KERBEROS:DOS-TCP

Severity

 Minor

Recommended

 No

Category

 APP

Keywords

 MS Server Kerberos Denial of Service over TCP

Release Date

 2005/08/15

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: MS Server Kerberos Denial of Service over TCP


This signature detects attempts to exploit a known flaw in the Microsoft implementation of the Kerberos protocol. A denial of service vulnerability exists that could allow an attacker to send a specially crafted message to a Windows domain controller that could cause the service responsible for authenticating users in an Active Directory domain to stop responding.

Extended Description

Microsoft Windows is susceptible to a remote Kerberos denial of service vulnerability. By sending unspecified packets to the Kerberos service on TCP or UDP port 88, attackers may cause the affected service to crash. This vulnerability allows remote attackers to crash the affected authentication service, denying further domain authentication to legitimate users. It should be noted that exploitation requires that attackers have valid logon credentials.

Affected Products

  • Microsoft windows_2000_advanced_server SP1
  • Microsoft windows_2000_advanced_server SP2
  • Microsoft windows_2000_advanced_server SP3
  • Microsoft windows_2000_advanced_server SP4
  • Microsoft windows_2000_advanced_server
  • Microsoft windows_2000_datacenter_server SP1
  • Microsoft windows_2000_datacenter_server SP2
  • Microsoft windows_2000_datacenter_server SP3
  • Microsoft windows_2000_datacenter_server SP4
  • Microsoft windows_2000_datacenter_server
  • Microsoft windows_2000_server SP1
  • Microsoft windows_2000_server SP2
  • Microsoft windows_2000_server SP3
  • Microsoft windows_2000_server SP4
  • Microsoft windows_2000_server
  • Microsoft windows_server_2003_datacenter_edition SP1
  • Microsoft windows_server_2003_datacenter_edition
  • Microsoft windows_server_2003_datacenter_edition_itanium SP1
  • Microsoft windows_server_2003_datacenter_edition_itanium
  • Microsoft windows_server_2003_datacenter_x64_edition
  • Microsoft windows_server_2003_enterprise_edition SP1
  • Microsoft windows_server_2003_enterprise_edition
  • Microsoft windows_server_2003_enterprise_edition_itanium SP1
  • Microsoft windows_server_2003_enterprise_edition_itanium
  • Microsoft windows_server_2003_enterprise_x64_edition
  • Microsoft windows_server_2003_standard_edition SP1
  • Microsoft windows_server_2003_standard_edition
  • Microsoft windows_server_2003_standard_x64_edition
  • Microsoft windows_server_2003_web_edition SP1
  • Microsoft windows_server_2003_web_edition

References

  • BugTraq: 14519
  • CVE: CVE-2005-1981
  • URL: http://www.microsoft.com/technet/Security/bulletin/ms05-042.mspx

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out