• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Windows Kerberos PKINIT Man In The Middle Vulnerability

The PKINIT implementation in Microsoft Windows is susceptible to a man in the middle vulnerability. This issue is due to a failure of the software to properly validate network data. This issue is only exploitable by attackers that have access to valid logon credentials.

Attackers exploit this issue to spoof the domain controller/KDC during the initial authentication process. By spoofing the domain controller/KDC, attackers may gain access to the cleartext contents of encrypted network traffic in arbitrary Kerberos-enabled services. Other attacks may also be possible.

Microsoft implements draft 9 of the IETF PKINIT specification, and states that the vulnerability is in the protocol specification itself. Other implementations of PKINIT may therefore also be vulnerable to this issue.