CVE-2015-0006
Published 2015-01-13
Priority: P335 · medium · 6.1 (CVSS 2.0)
Vector: AV:A/AC:L/Au:N/C:N/I:C/A:N
EPSS: 11.61% (95.5th percentile)
The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
GHSA
GHSA-rf6f-3f33-p8cx · CVE-2015-0006 [MEDIUM]
ghsa_unreviewed·2022-05-14
VMware
VMware vCenter Server updates address a LDAP certificate validation issue
vendor_vmware·2015-09-16·CVSS 5.8
CVE-2015-6932 [MEDIUM] · VMSA-2015-0006
VMware vCenter Server LDAP certificate validation vulnerability. VMware vCenter Server does not validate the certificate when connecting to a single sign on identity source using LDAPS (LDAP over SSL). This applies when connecting to Active Directory as an LDAP Server or OpenLDAP. Exploitation of this vulnerability may allow an attacker that is able to intercept traffic between vCenter Server and the LDAP server to capture sensitive information. Active Directory (Integrated Windows Authentication) is unaffected. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-6932 to this issue. Column 4 of the following table lists the action required to remediat
No detection rules found.
Talos
Microsoft Update Tuesday January 2015: Another Light Month, No IE Bulletins, More Changes to Reporting
blogs_talos·2015-01-13·CVSS 7.2 [HIGH]
This post was written by Yves Younan.
Microsoft’s first Update Tuesday of 2015 is pretty light, there’s a total of eight bulletins, all covering a single vulnerability. Seven of these bulletins are rated as important and just one is rated critical. No bulletin for IE is being released this month. Two of the vulnerabilities were publicly disclosed prior to today, while another one was being actively exploited by attackers.
Microsoft made a number of changes to Update Tuesday last month, such as dropping deployment priority in favor of their exploitability index (XI). This month more changes were made to the program: Microsoft is no longer providing their Advance Notification Service (ANS) to the general public, but is instead only providing it to premier customers.
The first bulletin of
References
- http://secunia.com/advisories/62098
- http://secunia.com/advisories/62184
- http://www.securityfocus.com/bid/71930
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99521
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99522