MS15-122: Security Update for Kerberos to Address Security Feature Bypass (3105256)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by a security feature bypass
vulnerability.

Description :

The remote Windows host is affected by a security feature bypass
vulnerability in Kerberos due to a failure to check the password
change of a user signing into a workstation. A remote attacker can
exploit this vulnerability by connecting a workstation to a malicious
Kerberos Key Distribution Center (KDC), resulting in the ability to
decrypt drives protected by BitLocker.

Note that this vulnerability can only be exploited if the target
system has BitLocker enabled without a PIN or USB key, and the
computer is domain-joined.

See also :

https://technet.microsoft.com/library/security/MS15-122
https://support.microsoft.com/en-us/kb/3101246

Solution :

Microsoft has released a set of patches for Windows Vista, 2008, 7,
2008 R2, 8, RT, 2012, 8.1, RT 8.1, 2012 R2, and 10.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 86828

Bugtraq ID: 77475

CVE ID: CVE-2015-6095
