Vigil@nce - Windows: brute force via SAMR
March 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can mount a brute-force attack through SAMR, in order to
guess the password of a Windows user.
– Impacted products: Windows 2003, Windows 2008, Microsoft Windows
2012, Windows Vista, Windows XP
– Severity: 2/4
– Creation date: 11/03/2014
DESCRIPTION OF THE VULNERABILITY
The SAMR (Security Account Manager Remote) protocol is used to
manipulate the user database.
However, account lockout is not enforced on this interface.
An attacker can therefore mount a brute-force attack through SAMR, in
order to guess the password of a Windows user.
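A defensive check that follows from the description above, added here as an example (it is not part of the Vigil@nce bulletin or of any Microsoft code): when lockout is not applied, a run of bad-password attempts against one account can go past the lockout threshold without a lockout ever being recorded. The record format, the threshold of 3 and the 30-minute window are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real logs): "ISO-time account source outcome".
# outcome: FAIL = bad password, OK = success, LOCKED = account locked out.
SAMPLE = """\
2014-03-11T10:00:00 alice 10.0.0.5 FAIL
2014-03-11T10:00:10 alice 10.0.0.5 FAIL
2014-03-11T10:00:20 alice 10.0.0.5 FAIL
2014-03-11T10:00:30 alice 10.0.0.5 FAIL
2014-03-11T10:00:40 alice 10.0.0.5 FAIL
2014-03-11T10:01:00 bob 10.0.0.7 FAIL
2014-03-11T10:01:10 bob 10.0.0.7 FAIL
2014-03-11T10:01:20 bob 10.0.0.7 FAIL
2014-03-11T10:01:21 bob 10.0.0.7 LOCKED
2014-03-11T10:02:00 carol 10.0.0.9 FAIL
2014-03-11T10:02:30 carol 10.0.0.9 OK
"""

def parse(text):
    """Yield (time, account, source, outcome) for each non-empty record."""
    for line in text.splitlines():
        if line.strip():
            ts, account, source, outcome = line.split()
            yield datetime.fromisoformat(ts), account, source, outcome

def lockout_bypass_suspects(text, threshold=3, window=timedelta(minutes=30)):
    """Return {account: peak failures} for accounts whose consecutive failures
    inside the window went past the threshold with no lockout in between."""
    recent = defaultdict(deque)   # account -> times of failures still counted
    peak = {}
    for ts, account, _source, outcome in sorted(parse(text)):
        q = recent[account]
        if outcome in ("LOCKED", "OK"):
            q.clear()             # lockout applied, or success reset the count
        elif outcome == "FAIL":
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()       # failures older than the window expire
            # With lockout enforced, a LOCKED record would have cleared the
            # queue at the threshold; going past it means lockout never fired.
            if len(q) > threshold:
                peak[account] = max(peak.get(account, 0), len(q))
    return peak

if __name__ == "__main__":
    print(lockout_bypass_suspects(SAMPLE))
```

The threshold and window should be set to the lockout policy actually configured for the accounts being monitored.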
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-brute-force-via-SAMR-14407