[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Elevation of Privilege in Active Directory - MS11-086

ID: oval:org.secpod.oval:def:2717Date: (C)2011-11-09   (M)2023-12-14
Class: PATCHFamily: windows




The host is missing an important security update according to Microsoft security bulletin, MS11-086. The update is required to fix elevation of privilege vulnerability. A flaw is present in the application, which is caused when Active Directory is configured to use LDAPS and fails to validate the revocation status of SSL certificate against the Certificate Revocation List (CRL) associated with the domain account. Successful exploitation allows attackers to obtain access to network resources or run code under the privileges of a specific authorized user.

Platform:
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product:
Active Directory
Active Directory Application Mode
Reference:
MS11-086
CVE-2011-2014
CVE    1
CVE-2011-2014
CPE    25
cpe:/o:microsoft:windows_server_2008:r2:sp1:x64
cpe:/o:microsoft:windows_7::sp1:x64
cpe:/o:microsoft:windows_7::sp1:x86
cpe:/o:microsoft:windows_xp::sp3:x86
...
XCCDF    8
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_scaprepo.com_benchmark_microsoft-windows-server-2008-r2
xccdf_com.secpod_benchmark_microsoft-windows-server-2003
xccdf_com.secpod_benchmark_microsoft-windows-xp
...

© SecPod Technologies