PT-2005-2931 · Microsoft · Windows 2000+2

Aaron Jaggard

Published

2005-08-10

Updated

2019-04-30

CVE-2005-1982

CVSS v2.0

3.6

Low

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the patchday that contains the fix for this issue

Description The issue allows a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used. This occurs due to an unknown vulnerability in the PKINIT Protocol.

Recommendations For Microsoft Windows 2000, Windows XP, and Windows Server 2003, apply the patch from the patchday that contains the fix for this issue to resolve the problem. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1982

Affected Products

Windows 2000

Windows Server 2003

Windows Xp

PT-2005-2931 · Microsoft · Windows 2000+2

CVE-2005-1982

Related Identifiers

Affected Products

References · 12