Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows remote attackers to trigger an unintended permissive configuration by spoofing DNS and LDAP responses on a local network, aka "NLA Security Feature Bypass Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft NLA安全功能规避漏洞
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。Network Location Awareness(NLA)是其中的一个网络位置感知服务。 Microsoft NLA服务可能会无意中放松防火墙策略和/或某些服务的配置,而安全功能规避漏洞正是存在于该服务中。 这可能会增加暴露给攻击者的表面。当NLA服务无法正确验证域连接的计算机已连接到域还是连接到不可信的网络时,就会导致该漏洞。以下产品和版本受到影响:Microsoft Windows Server 2003
CVSS Information
N/A
Vulnerability Type
N/A