VYPR

Internet Authentication Service

by Microsoft

CVEs (3)

  • CVE-2015-0015Jan 13, 2015
    risk 0.06cvss epss 0.79

    Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username strings to (1) Internet Authentication Service (IAS) or (2) Network Policy Server…

  • CVE-2009-2505Dec 9, 2009
    risk 0.03cvss epss 0.32

    The Internet Authentication Service (IAS) in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication requests, which allows remote attackers to execute arbitrary code via crafted…

  • CVE-2009-3677Dec 9, 2009
    risk 0.02cvss epss 0.22

    The Internet Authentication Service (IAS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly verify the credentials in an MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication…