MS11-005 MS11-005 - Important: Vulnerability in Active Directory Could Allow Denial of Service (2478953)
Important2011-02-08 Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in Active Directory. The vulnerability could allow denial of service if an attacker sent a specially crafted packet to an affected Active Directory server. The attacker must have valid local administrator privileges on the domain-joined computer in order to exploit this vulnerability.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
The server in Microsoft Active Directory on Windows Server 2003 SP2 does not properly handle an update request for a service principal name (SPN), which allows remote attackers to cause a denial of service (authentication downgrade or outage) via a crafted request that triggers name collisions, aka "Active Directory SPN Validation Vulnerability."
Max CVSS
5.0
EPSS Score
5.38%
Published
2011-02-09
Updated
2018-10-12