Oval Definition:oval:org.mitre.oval:def:15674
Revision Date:2012-11-26Version:44
Title:Kerberos NULL dereference vulnerability - MS12-069
Description:The server in Kerberos in Microsoft Windows Server 2008 R2 and R2 SP1, and Windows 7 Gold and SP1, allows remote attackers to cause a denial of service (NULL pointer dereference and reboot) via a crafted session request, aka "Kerberos NULL Dereference Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2012-2551
Platform(s):Microsoft Windows 7
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis
  • Check for vulnerable Win 7/server 2008 r2 and file version
  • Check for Win 7/server 2008 r2
  • Microsoft Windows 7 is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
  • AND Check for LDR/GDR
  • Check if Kerberos.dll file version is less than 6.1.7600.17095
  • OR Check for LDR
  • the version of kerberos.dll is greater than 6.1.7600.20000
  • AND Check if Kerberos.dll file version is less than 6.1.7600.21298
  • OR Check for vulnerable Win 7 SP1/server 2008 r2 SP1 and file version
  • Check for Win 7 SP1/server 2008 r2 SP1
  • Microsoft Windows 7 (32-bit) Service Pack 1 is installed
  • OR Microsoft Windows 7 x64 Service Pack 1 is installed
  • OR Microsoft Windows Server 2008 R2 x64 Service Pack 1 is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition Service Pack 1 is installed
  • AND Check for LDR/GDR
  • Check if Kerberos.dll file version is less than 6.1.7601.17926
  • OR Check for LDR
  • the version of kerberos.dll is greater than 6.1.7601.20000
  • AND Check if Kerberos.dll file version is less than 6.1.7601.22084
    • BACK