MS05-042: Vulnerability in Kerberos Could Allow Denial of Service, Information Disclosure and Spoofing (899587)
Medium Nessus Plugin ID 19405
SynopsisIt is possible to crash the remote service or disclose information.
DescriptionThe remote host contains a version of the Kerberos protocol that contains multiple security flaws that could allow an attacker to crash the remote service (AD), disclose information or spoof a session.
An attacker would need valid credentials to exploit these flaws.
SolutionMicrosoft has released a set of patches for Windows 2000, XP and 2003.