cvelistv5 - cve-2015-0006

CVE-2015-0006 (GCVE-0-2015-0006)

Vulnerability from cvelistv5 – Published: 2015-01-13 22:00 – Updated: 2024-08-06 03:55

Summary

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability."

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	http://secunia.com/advisories/62184	third-party-advisoryx_refsource_SECUNIA
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.securityfocus.com/bid/71930	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/62098	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:55:27.750Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "62184",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62184"
          },
          {
            "name": "MS15-005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"
          },
          {
            "name": "71930",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/71930"
          },
          {
            "name": "win-ms15kb3022777-update(99522)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"
          },
          {
            "name": "62098",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62098"
          },
          {
            "name": "ms-nla-cve20150006-security-bypass(99521)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "62184",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62184"
        },
        {
          "name": "MS15-005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"
        },
        {
          "name": "71930",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/71930"
        },
        {
          "name": "win-ms15kb3022777-update(99522)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"
        },
        {
          "name": "62098",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62098"
        },
        {
          "name": "ms-nla-cve20150006-security-bypass(99521)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2015-0006",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "62184",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62184"
            },
            {
              "name": "MS15-005",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"
            },
            {
              "name": "71930",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/71930"
            },
            {
              "name": "win-ms15kb3022777-update(99522)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"
            },
            {
              "name": "62098",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62098"
            },
            {
              "name": "ms-nla-cve20150006-security-bypass(99521)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2015-0006",
    "datePublished": "2015-01-13T22:00:00",
    "dateReserved": "2014-11-18T00:00:00",
    "dateUpdated": "2024-08-06T03:55:27.750Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2B1C231-DE19-4B8F-A4AA-5B3A65276E46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D229E41-A971-4284-9657-16D78414B93F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6CE5198-C498-4672-AF4C-77AB4BE06C5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D3B5E4F-56A6-4696-BBB4-19DF3613D020\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F422A8C-2C4E-42C8-B420-E0728037E15C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2ACA9287-B475-4AF7-A4DA-A7143CEF9E57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB506484-7F0C-46BF-8EA6-4FB5AF454CED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:x64:*:*\", \"matchCriteriaId\": \"D29A1464-D228-4E0D-8FEA-06B9CBCA7F74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF1AD1A1-EE20-4BCE-9EE6-84B27139811C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \\\"NLA Security Feature Bypass Vulnerability.\\\"\"}, {\"lang\": \"es\", \"value\": \"El servicio Network Location Awareness (NLA) de Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, y Windows Server 2012 Gold y R2 no realiza autenticaci\\u00f3n rec\\u00edproca para determinar un dominio de conexi\\u00f3n, lo que permite atacantes remotos lanzar una configuraci\\u00f3n permisiva no intencionada mediante suplantaci\\u00f3n de DNS y respuestas LDAP en la red local, tambi\\u00e9n conocido como \u0027NLA Security Feature Bypass Vulnerability.\u0027\"}]",
      "id": "CVE-2015-0006",
      "lastModified": "2024-11-21T02:22:10.427",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:N/C:N/I:C/A:N\", \"baseScore\": 6.1, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 6.5, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-01-13T22:59:03.580",
      "references": "[{\"url\": \"http://secunia.com/advisories/62098\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/62184\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.securityfocus.com/bid/71930\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/99521\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/99522\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/62098\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/62184\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/71930\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/99521\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/99522\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-0006\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2015-01-13T22:59:03.580\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \\\"NLA Security Feature Bypass Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"El servicio Network Location Awareness (NLA) de Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, y Windows Server 2012 Gold y R2 no realiza autenticaci\u00f3n rec\u00edproca para determinar un dominio de conexi\u00f3n, lo que permite atacantes remotos lanzar una configuraci\u00f3n permisiva no intencionada mediante suplantaci\u00f3n de DNS y respuestas LDAP en la red local, tambi\u00e9n conocido como \u0027NLA Security Feature Bypass Vulnerability.\u0027\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:N/I:C/A:N\",\"baseScore\":6.1,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.5,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B1C231-DE19-4B8F-A4AA-5B3A65276E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D229E41-A971-4284-9657-16D78414B93F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E93068DB-549B-45AB-8E5C-00EB5D8B5CF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6CE5198-C498-4672-AF4C-77AB4BE06C5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D3B5E4F-56A6-4696-BBB4-19DF3613D020\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F422A8C-2C4E-42C8-B420-E0728037E15C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ACA9287-B475-4AF7-A4DA-A7143CEF9E57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB506484-7F0C-46BF-8EA6-4FB5AF454CED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:x64:*:*\",\"matchCriteriaId\":\"D29A1464-D228-4E0D-8FEA-06B9CBCA7F74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF1AD1A1-EE20-4BCE-9EE6-84B27139811C\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/62098\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/62184\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/71930\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/99521\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/99522\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/62098\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/62184\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/71930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/99521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/99522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CNVD-2015-00358

Vulnerability from cnvd - Published: 2015-01-16

Title

Microsoft Windows Server DNS和LDAP响应欺骗漏洞

Description

Microsoft Windows是Microsoft公司推出的一系列操作系统。 Microsoft Network Location Awareness (NLA)服务存在安全绕过漏洞，可导致防火墙规则或部分服务的配置过于宽松，增加攻击者攻击的机会。当NLA服务未能正确校验域链接计算机是否连接域或不可信任网络时可触发该漏洞。远程攻击者可绕过安全限制进行攻击。

Severity

中

Patch Name

Microsoft Windows Server DNS和LDAP响应欺骗漏洞的补丁

Patch Description

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞：http://technet.microsoft.com/security/bulletin/MS15-005

Reference

http://technet.microsoft.com/security/bulletin/MS15-005

Impacted products

Name
['Microsoft Windows Server 2008', 'Microsoft Windows 7 null', 'Microsoft Windows Vista', 'Microsoft Windows Server 2012 null', 'Microsoft Windows 8.1', 'Microsoft Windows 8']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "71930"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-0006"
    }
  },
  "description": "Microsoft Windows\u662fMicrosoft\u516c\u53f8\u63a8\u51fa\u7684\u4e00\u7cfb\u5217\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nMicrosoft Network Location Awareness (NLA)\u670d\u52a1\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u53ef\u5bfc\u81f4\u9632\u706b\u5899\u89c4\u5219\u6216\u90e8\u5206\u670d\u52a1\u7684\u914d\u7f6e\u8fc7\u4e8e\u5bbd\u677e\uff0c\u589e\u52a0\u653b\u51fb\u8005\u653b\u51fb\u7684\u673a\u4f1a\u3002\u5f53NLA\u670d\u52a1\u672a\u80fd\u6b63\u786e\u6821\u9a8c\u57df\u94fe\u63a5\u8ba1\u7b97\u673a\u662f\u5426\u8fde\u63a5\u57df\u6216\u4e0d\u53ef\u4fe1\u4efb\u7f51\u7edc\u65f6\u53ef\u89e6\u53d1\u8be5\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u8fdb\u884c\u653b\u51fb\u3002",
  "discovererName": "Jonas Vestberg of Senator",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1ahttp://technet.microsoft.com/security/bulletin/MS15-005",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-00358",
  "openTime": "2015-01-16",
  "patchDescription": "Microsoft Windows\u662fMicrosoft\u516c\u53f8\u63a8\u51fa\u7684\u4e00\u7cfb\u5217\u64cd\u4f5c\u7cfb\u7edf\u3002 \r\n\r\nMicrosoft Network Location Awareness (NLA)\u670d\u52a1\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u53ef\u5bfc\u81f4\u9632\u706b\u5899\u89c4\u5219\u6216\u90e8\u5206\u670d\u52a1\u7684\u914d\u7f6e\u8fc7\u4e8e\u5bbd\u677e\uff0c\u589e\u52a0\u653b\u51fb\u8005\u653b\u51fb\u7684\u673a\u4f1a\u3002\u5f53NLA\u670d\u52a1\u672a\u80fd\u6b63\u786e\u6821\u9a8c\u57df\u94fe\u63a5\u8ba1\u7b97\u673a\u662f\u5426\u8fde\u63a5\u57df\u6216\u4e0d\u53ef\u4fe1\u4efb\u7f51\u7edc\u65f6\u53ef\u89e6\u53d1\u8be5\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u8fdb\u884c\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows Server DNS\u548cLDAP\u54cd\u5e94\u6b3a\u9a97\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows Server 2008",
      "Microsoft Windows 7 null",
      "Microsoft Windows Vista",
      "Microsoft Windows Server 2012 null",
      "Microsoft Windows 8.1",
      "Microsoft Windows 8"
    ]
  },
  "referenceLink": "http://technet.microsoft.com/security/bulletin/MS15-005",
  "serverity": "\u4e2d",
  "submitTime": "2015-01-15",
  "title": "Microsoft Windows Server DNS\u548cLDAP\u54cd\u5e94\u6b3a\u9a97\u6f0f\u6d1e"
}

GHSA-RF6F-3F33-P8CX

Vulnerability from github – Published: 2022-05-14 01:31 – Updated: 2022-05-14 01:31

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-0006"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-01-13T22:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\"",
  "id": "GHSA-rf6f-3f33-p8cx",
  "modified": "2022-05-14T01:31:27Z",
  "published": "2022-05-14T01:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0006"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62098"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62184"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/71930"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTFR-2015-AVI-015

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans le service NLA de Microsoft Windows. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows Server 2008 R2
Microsoft	Windows	Windows Server 2008
Microsoft	Windows	Windows 7
Microsoft	Windows	Windows Server 2003
Microsoft	Windows	Windows Vista
Microsoft	Windows	Windows 8
Microsoft	Windows	Windows 8.1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS15-005 du 13 janvier 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-0006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0006"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-015",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-01-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans le service \u003cspan\nclass=\"textit\"\u003eNLA\u003c/span\u003e de \u003cspan class=\"textit\"\u003eMicrosoft\nWindows\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un contournement\nde la politique de s\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le service NLA de Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS15-005 du 13 janvier 2015",
      "url": "https://technet.microsoft.com/en-us/library/security/MS15-005"
    }
  ]
}

CERTFR-2015-AVI-015

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans le service NLA de Microsoft Windows. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows Server 2008 R2
Microsoft	Windows	Windows Server 2008
Microsoft	Windows	Windows 7
Microsoft	Windows	Windows Server 2003
Microsoft	Windows	Windows Vista
Microsoft	Windows	Windows 8
Microsoft	Windows	Windows 8.1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS15-005 du 13 janvier 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-0006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0006"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-015",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-01-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans le service \u003cspan\nclass=\"textit\"\u003eNLA\u003c/span\u003e de \u003cspan class=\"textit\"\u003eMicrosoft\nWindows\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un contournement\nde la politique de s\u00e9curit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le service NLA de Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS15-005 du 13 janvier 2015",
      "url": "https://technet.microsoft.com/en-us/library/security/MS15-005"
    }
  ]
}

GSD-2015-0006

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2015-0006

Aliases

CVE-2015-0006

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-0006",
    "description": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\"",
    "id": "GSD-2015-0006"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-0006"
      ],
      "details": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\"",
      "id": "GSD-2015-0006",
      "modified": "2023-12-13T01:19:58.267694Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2015-0006",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "62184",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62184"
          },
          {
            "name": "MS15-005",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"
          },
          {
            "name": "71930",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/71930"
          },
          {
            "name": "win-ms15kb3022777-update(99522)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"
          },
          {
            "name": "62098",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62098"
          },
          {
            "name": "ms-nla-cve20150006-security-bypass(99521)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:x64:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2015-0006"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "71930",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/71930"
            },
            {
              "name": "62184",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/62184"
            },
            {
              "name": "62098",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/62098"
            },
            {
              "name": "win-ms15kb3022777-update(99522)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"
            },
            {
              "name": "ms-nla-cve20150006-security-bypass(99521)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"
            },
            {
              "name": "MS15-005",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:C/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-02-26T14:04Z",
      "publishedDate": "2015-01-13T22:59Z"
    }
  }
}

FKIE_CVE-2015-0006

Vulnerability from fkie_nvd - Published: 2015-01-13 22:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

	URL	Tags
	secure@microsoft.com	http://secunia.com/advisories/62098
	secure@microsoft.com	http://secunia.com/advisories/62184
	secure@microsoft.com	http://www.securityfocus.com/bid/71930
	secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005
	secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/99521
	secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/99522
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62098
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62184
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/71930
	af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/99521
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/99522

Impacted products

Vendor	Product	Version
microsoft	windows_7	-
microsoft	windows_8	-
microsoft	windows_8.1	-
microsoft	windows_rt_8.1	-
microsoft	windows_server_2003	*
microsoft	windows_server_2008	-
microsoft	windows_server_2008	r2
microsoft	windows_server_2012	-
microsoft	windows_server_2012	r2
microsoft	windows_vista	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:gold:*:*:*:*:*:*",
              "matchCriteriaId": "AB506484-7F0C-46BF-8EA6-4FB5AF454CED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:x64:*:*",
              "matchCriteriaId": "D29A1464-D228-4E0D-8FEA-06B9CBCA7F74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka \"NLA Security Feature Bypass Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "El servicio Network Location Awareness (NLA) de Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, y Windows Server 2012 Gold y R2 no realiza autenticaci\u00f3n rec\u00edproca para determinar un dominio de conexi\u00f3n, lo que permite atacantes remotos lanzar una configuraci\u00f3n permisiva no intencionada mediante suplantaci\u00f3n de DNS y respuestas LDAP en la red local, tambi\u00e9n conocido como \u0027NLA Security Feature Bypass Vulnerability.\u0027"
    }
  ],
  "id": "CVE-2015-0006",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:C/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-01-13T22:59:03.580",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/62098"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/62184"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/71930"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62098"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/71930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99521"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99522"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-0006 (GCVE-0-2015-0006)

CNVD-2015-00358

GHSA-RF6F-3F33-P8CX

CERTFR-2015-AVI-015

Solution

CERTFR-2015-AVI-015

Solution

GSD-2015-0006

FKIE_CVE-2015-0006

Tags

Sightings

Nomenclature