Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0015

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2015-0015
Last Modified 14 Jan 2015 04:00:26
Published 13 Jan 2015 05:59:06
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0015

Summary

Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username strings to (1) Internet Authentication Service (IAS) or (2) Network Policy Server (NPS), aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows Server 2003

  • Microsoft Windows Server 2008 -

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Server 2012 -

  • Microsoft Windows Server 2012 R2


References

MS - MS15-007

Related Patches

MS15-007 Security Update for Windows Server 2003 (KB3014029)

MS15-007 Security Update for Windows Server 2008 (KB3014029)

MS15-007 Security Update for Windows Server 2003 x64 (KB3014029)

MS15-007 Security Update for Windows Server 2008 x64 (KB3014029)


Last Updated: 27 May 2016 11:07:32