PT-2022-5466 · Microsoft · Windows Distributed File System +1

Name of the Vulnerable Software and Affected Versions: Windows Distributed File System DFS affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows Distributed File System DFS component, which can allow an attacker to disclose...

CVE-2022-38025 Windows Distributed File System (DFS) Information Disclosure Vulnerability

...

CVE-2022-34719

Windows Distributed File System DFS Elevation of Privilege Vulnerability...

CVE-2022-34719

Windows Distributed File System DFS Elevation of Privilege Vulnerability...

CVE-2022-34719 Windows Distributed File System (DFS) Elevation of Privilege Vulnerability

...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation. A security vulnerability exists in the Microsoft Windows Distributed File System DFS. The following products and editions are affected: Windows 10 Version 20H2 for x64-based...

PT-2022-5644 · Microsoft · Windows Distributed File System +1

Name of the Vulnerable Software and Affected Versions: Windows Distributed File System DFS affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Distributed File System DFS component, allowing an attacker to elevate their privileges...

DFSCoerce

Coerce an authentication attempt over SMB to other machines via MS-DFSNM methods. Module Options msf use auxiliary/scanner/dcerpc/dfscoerce msf auxiliarydfscoerce show actions ...actions... msf auxiliarydfscoerce set ACTION msf auxiliarydfscoerce show options ...show and set options... msf...

New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain

A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System DFS: Namespace Management Protocol MS-DFSNM to seize control of a domain. "Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service...

GHSA-7Q56-MP4C-GGGG Improper Access Control in Apache Hadoop

In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service...

February 1, 2022, update for Office 2013 (KB5002151)

February 1, 2022, update for Office 2013 KB5002151 This article describes update 5002151 for Microsoft Office 2013 that was released on February 1, 2022. This update also applies to Office Home and Student 2013 RT.Be aware that the update in the Microsoft Download Center applies to the Microsoft...

The vulnerability of the Distributed File component in the HarmonyOS operating system, related to errors in cryptographic transformations, allows attackers to read and delete images from Harmony devices.

The vulnerability of the Distributed File component in the HarmonyOS operating system is related to errors in cryptographic transformations. Exploiting this vulnerability allows a malicious actor to remotely read and delete images from Harmony devices...

The vulnerability of the Distributed File component in the HarmonyOS operating system arises from insufficient validation of input data, allowing attackers to disclose sensitive information that should be protected.

The vulnerability of the Distributed File component in the HarmonyOS operating system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

Huawei HarmonyOS Distributed File Component Null Pointer Access Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. A null pointer access vulnerability exists in the distributed file component of Huawei HarmonyOS, which provides a microkernel-based, full-scenario distributed operating system. An attacker could exploit this vulnerability to cause the...

Huawei HarmonyOS 输入验证错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An input validation error vulnerability exists in the distributed file component of some Huawei products. An attacker could exploit the vulnerability to caus...

Huawei HarmonyOS 输入验证错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. A null pointer access vulnerability exists in the distributed file component of Huawei HarmonyOS, which provides a microkernel-based, full-scenario distributed operating system. An attacker could exploit this vulnerability to cause the...

OX App Suite Cross-Site Scripting Vulnerability (CNVD-2021-03041)

OX App Suite is a modular platform designed for telcos, hosting companies and vendors to deliver a wide range of cloud-based services. A cross-site scripting vulnerability exists in OX App Suite 7.10.4. An attacker can exploit this vulnerability to conduct cross-site scripting attacks by using th...

Privilege Escalation

kernel is vulnerable to privilege escalation. A flaw was found in the dnsresolver upcall used by CIFS. A local, unprivileged user could redirect a Microsoft Distributed File System link to another IP address, tricking the client into mounting the share from a server of the user's choosing...

[SECURITY] Fedora 28 Update: glusterfs-4.1.6-1.fc28

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. GlusterFS is one of the most sophisticated file systems in terms of features and...

[SECURITY] Fedora 29 Update: glusterfs-5.1-1.fc29

GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. GlusterFS is one of the most sophisticated file systems in terms of features and...