|
Family: Windows : Microsoft Bulletins --> Category: infos
Certificate Validation Flaw Could Enable Identity Spoofing (Q328145) Vulnerability Scan
Vulnerability Scan Summary Checks for MS Hotfix Q328145, Certificate Validation Flaw
Detailed Explanation for this Vulnerability Test
Synopsis :
It is possible to spoof user identity.
Description :
The remote host contains a version of the CryptoAPI which is vulnerable
to a security flaw which may allow a possible hacker to spoof the identity
of another user with malformed SSL certificates.
Solution :
Microsoft has released a set of patches for Windows NT, 2000 and XP :
http://www.microsoft.com/technet/security/bulletin/ms02-050.mspx
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:H/Au:R/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|