Oval Definition:oval:org.mitre.oval:def:28173
Revision Date:2015-08-10
Version:25
Title:Active Directory Federation Services information disclosure vulnerability - CVE-2014-6331 (MS14-077)
Description:Microsoft Active Directory Federation Services (AD FS) 2.0, 2.1, and 3.0, when a configured SAML Relying Party lacks a sign-out endpoint, does not properly process logoff actions, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation, aka "Active Directory Federation Services Information Disclosure Vulnerability."
Family:windows
Class:vulnerability
Status:ACCEPTED
Reference(s):CVE-2014-6331
Platform(s):Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s):Microsoft Active Directory Federation Services
Definition Synopsis
  • 2.0/2008 x86/version
    • ldr/gdr
      • Check if the version of microsoft.identityserver.dll is less than 6.1.7601.18622
      • OR LDR ranges
        • Check if the version of microsoft.identityserver.dll is less than 6.1.7601.22828
        • AND Check if the version of microsoft.identityserver.dll is greater than or equal to 6.1.7601.22000
    • AND Microsoft Windows Server 2008 (32-bit) is installed
    • AND Microsoft Active Directory Federation Services is installed
  • OR 2.0/2008 x64/2008 R2/version
    • either os
      • Microsoft Windows Server 2008 (64-bit) is installed
      • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
    • AND ldr/gdr
      • Check if the version of microsoft.identityserver.dll is less than 6.1.7601.18620
      • OR LDR ranges
        • Check if the version of microsoft.identityserver.dll is less than 6.1.7601.22827
        • AND Check if the version of microsoft.identityserver.dll is greater than or equal to 6.1.7601.22000
    • AND Microsoft Active Directory Federation Services is installed
  • OR 2.0/2012/version
    • Microsoft Windows Server 2012 (64-bit) is installed
    • AND ldr/gdr
      • Check if the version of microsoft.identityserver.dll is less than 6.2.9200.17135
      • OR LDR ranges
        • Check if the version of microsoft.identityserver.dll is less than 6.2.9200.21252
        • AND Check if the version of microsoft.identityserver.dll is greater than or equal to 6.2.9200.21000
    • AND Microsoft Active Directory Federation Services is installed
  • OR 3.0/versions
    • Microsoft Windows Server 2012 R2 is installed
    • AND Check if the version of Microsoft.identityserver.dll is less than 6.3.9600.17412
    • AND Microsoft Active Directory Federation Services is installed