MS11-013 - Unkeyed checksum vulnerability in Kerberos implementation in Windows XP or Windows Server 2003ID: oval:org.secpod.oval:def:94 | Date: (C)2011-02-10 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with Windows XP or Windows Server 2003 and is prone to Unkeyed checksum vulnerability. A flaw is present in Kerberos implementation, which fails to restrict support for weak hashing mechanisms such as CRC32 allowing certain aspects of a Kerberos service ticket to be forged. Successful exploitation which allows attackers to obtain a token with elevated privileges on the affected system.
Platform: |
Microsoft Windows Server 2003 |
Microsoft Windows XP |