Denial of service vulnerability in network policy server radius implementation - CVE-2015-0015ID: oval:org.secpod.oval:def:23109 | Date: (C)2015-01-14 (M)2021-06-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Windows Server 2003, Server 2008, Server 2008 R2, Server 2012 or Server 2012 R2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle specially crafted username strings. Successful exploitation could allow attackers to send specially crafted username strings to an Internet Authentication Service (IAS) or Network Policy Server (NPS), causing a denial of service condition for RADIUS authentication on the IAS or NPS.
Platform: |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |