Lucene search
K

610 matches found

RedHat Linux
RedHat Linux
added 2014/03/25 2:9 p.m.33 views

Moderate: Red Hat Security Advisory: samba and samba3x security update

Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

5CVSS7.1AI score0.10557EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2014/03/11 12:0 a.m.230 views

MS14-016: Vulnerability in Security Account Manager Remote (SAMR) Protocol Could Allow Security Feature Bypass (2934418)

A security feature bypass vulnerability exists in Windows due to the Security Account Manager Remote SAMR protocol incorrectly validating the user lockout state. Remote, authenticated attackers can exploit this issue to conduct brute force attacks against user passwords. Note that the host must...

5.4CVSS5.6AI score0.10167EPSS
Exploits1References2
Metasploit
Metasploit
added 2014/02/18 11:9 p.m.60 views

Windows Gather Group Policy Preference Saved Passwords

This module enumerates the victim machine's domain controller and connects to it via SMB. It then looks for Group Policy Preference XML files containing local user accounts and passwords and decrypts them using Microsofts public AES key. Cached Group Policy files may be found on end-user devices ...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.20 views

RedHat Update for samba4 RHSA-2013:1805-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS8.2AI score0.02748EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.22 views

CentOS Update for libsmbclient CESA-2013:1806 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS7.7AI score0.09017EPSS
Exploits0References2
CVE
CVE
added 2013/12/10 2:0 a.m.131 views

CVE-2013-4408

Samba vulnerability CVE-2013-4408: A heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function (librpc/rpc/dcerpc_util.c) in winbindd allows remote code execution via an invalid fragment length in a DCE-RPC packet. Affected releases: Samba 3.x before 3.6.22, 4.0.x before 4.0.13, an...

8.3CVSS8.4AI score0.02748EPSS
Exploits0References18Affected Software1
RedHat Linux
RedHat Linux
added 2013/12/09 11:30 p.m.57 views

Important: Red Hat Security Advisory: samba4 security update

Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.3CVSS7.6AI score0.02748EPSS
Exploits0References3
NVD
NVD
added 2013/11/13 3:55 p.m.23 views

CVE-2013-4476

Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controll...

1.2CVSS5.7AI score0.00435EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2013/11/13 3:55 p.m.23 views

CVE-2013-4476

Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controll...

1.2CVSS7.1AI score0.00435EPSS
Exploits0References4
Prion
Prion
added 2013/11/13 3:55 p.m.19 views

Design/Logic Flaw

Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controll...

1.2CVSS6.2AI score0.00435EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2013/11/13 3:0 p.m.24 views

CVE-2013-4476

Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses world-readable permissions for a private key, which allows local users to obtain sensitive information by reading the key file, as demonstrated by access to the local filesystem on an AD domain controll...

5.6AI score0.00435EPSS
Exploits0References6
myhack58
myhack58
added 2013/09/16 12:0 a.m.29 views

Completely remove WSUS 3.0 approach-vulnerability warning-the black bar safety net

Upgrade the domain controller or demote a domain controller, wsus services usually fail, only by hand to completely remove wsus3. 0 and then re-install, the following is the result of several attempts later summed up the detailed operation of the steps of: 1, the...

1.4AI score
Exploits0
Metasploit
Metasploit
added 2013/09/13 11:29 p.m.11 views

HP ProCurve SNAC Domain Controller Credential Dumper

This module will extract Domain Controller credentials from vulnerable installations of HP SNAC as distributed with HP ProCurve 4.00 and 3.20. The authentication bypass vulnerability has been used to exploit remote file uploads. This vulnerability can be used to gather important information handl...

0.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2013/09/11 12:0 a.m.5 views

PT-2013-5210 · Hewlett Packard · Hp Procurve Manager +1

Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP ProCurve Manager+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue concerns the UpdateDomainControllerServlet in the SNAC registration server, which fails to...

10CVSS7.8AI score0.71293EPSS
Exploits6References9
Veeam
Veeam
added 2013/04/29 12:0 a.m.19 views

Patch 3 Release Notes for Veeam Backup & Replication 6.5

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge These are the issues resolved by the Patch 3 for Veeam Backup version 6.5.0.106 / 6.5.0.109 / 6.5.0.128. This patch is cumulative and contains fixes from Pat...

6.8AI score
Exploits0Affected Software1
Samba
Samba
added 2013/03/19 12:0 a.m.69 views

World-writeable files may be created in additional shares on a

Description Administrators of the Samba 4.0 Active Directory Domain Controller might unexpectedly find files created world-writeable if additional CIFS file shares are created on the AD DC. By default the AD DC is not vulnerable to this issue, as a specific inheritable ACL is set on the files in...

6CVSS7.1AI score0.02155EPSS
Exploits0
Veeam
Veeam
added 2013/03/01 12:0 a.m.16 views

A required privilege is not held by the client

Domain Controller configuration fails with an error: A required privilege is not held by the client...

2.6AI score
Exploits0
Prion
Prion
added 2013/01/17 9:55 p.m.23 views

Design/Logic Flaw

Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not properly interpret Access Control Entries that are based on an objectClass, which allows remote authenticated users to bypass intended restrictions on modifying LDAP directory objects by leveraging 1...

3.5CVSS6.7AI score0.02426EPSS
Exploits0References1Affected Software1
Metasploit
Metasploit
added 2013/01/03 11:41 p.m.68 views

Windows Gather Local and Domain Controller Account Password Hashes

This will dump local accounts from the SAM Database. If the target host is a Domain Controller, it will dump the Domain Account Database using the proper technique depending on privilege level, OS and role of the host. This module requires Metasploit: https://metasploit.com/download Current sourc...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/06/06 12:0 a.m.23 views

ADSI Settings

Gather and store the ADSI parameters to be used in other plugins. TRUSTED...

5.4AI score
Exploits0
Rows per page
Query Builder