Unrated severityNVD Advisory· Published Mar 11, 2015· Updated Jun 17, 2026
CVE-2015-0005
CVE-2015-0005
Description
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted application and leveraging the ability to sniff network traffic, aka "NETLOGON Spoofing Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:datacenter:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:essentials:*:*:*
- cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:standard:*:*:*
Patches
Vulnerability mechanics
References
6- packetstormsecurity.com/files/130773/Windows-Pass-Through-Authentication-Methods-Improper-Validation.htmlnvdExploit
- www.coresecurity.com/advisories/windows-pass-through-authentication-methods-improper-validationnvdExploit
- seclists.org/fulldisclosure/2015/Mar/60nvd
- www.securitytracker.com/id/1031891nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-027nvd
- www.samba.org/samba/history/samba-4.2.10.htmlnvd
News mentions
0No linked articles in our index yet.