- Home
- CVEs with nessus.description==The implementation of Kerberos on the remote Windows host is affected by one or more vulnerabilities :
- Microsoft's Kerberos implementation uses a weak hashing mechanism, which can allow for certain aspects of a Kerberos service ticket to be forged. Note that this is not exploitable on domains where the domain controllers are running Windows Server 2008 or Windows Server 2008 R2. (CVE-2011-0043)
- An attacker can force a downgrade in Kerberos communication between a client and server to a weaker encryption standard than negotiated originally by means of a man-in-the-middle attack because Windows does not correctly enforce the stronger default encryption standards included in Windows 7 and Windows Server 2008 R2. Note that this issue only affects implementations of Kerberos on Windows 7 and Windows Server 2008 R2.
(CVE-2011-0091)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top