Lucene search
K

148 matches found

Cvelist
Cvelist
added 2020/01/26 8:4 p.m.26 views

CVE-2020-7984

SolarWinds N-central before 12.1 SP1 HF5 and 12.2 before SP1 HF2 allows remote attackers to retrieve cleartext domain admin credentials from the Agent & Probe settings, and obtain other sensitive information. The attacker can use a customer ID to self register and read any aspects of the...

7.5AI score0.02475EPSS
Exploits1References8
MSRC
MSRC
added 2019/11/20 8:0 a.m.11 views

Customer Guidance for the Dopplepaymer Ransomware

Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymerransomware. There is misleading information circulating about Microsoft Teams, along with references to RDP BlueKeep, as ways in which this malware spreads. Our security research teams have investigated and...

1.9AI score
Exploits0
MSRC
MSRC
added 2019/11/20 8:0 a.m.7 views

Customer Guidance for the Dopplepaymer Ransomware

Microsoft has been investigating recent attacks by malicious actors using the Dopplepaymerransomware. There is misleading information circulating about Microsoft Teams, along with references to RDP BlueKeep, as ways in which this malware spreads. Our security research teams have investigated and...

6.8AI score
Exploits0
GithubExploit
GithubExploit
added 2019/06/18 12:10 p.m.115 views

Exploit for CVE-2019-1040

CVE-2019-1040-dcpwn Great writeup! Exploiting CVE-2019-1040...

5.9CVSS7.9AI score0.48043EPSS
Exploits6
GithubExploit
GithubExploit
added 2019/06/14 11:16 a.m.170 views

Exploit for CVE-2019-1040

CVE-2019-1040 Great writeup! Exploiting CVE-2019-1040 - Comb...

5.9CVSS7.9AI score0.48043EPSS
Exploits6
OSV
OSV
added 2019/01/17 8:29 p.m.3 views

CVE-2018-20735

An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for lateral movement and escalation of privilege inside a Windows Active Directory environment. It was found that by default the PatrolCli / PATROL Agent application only verifies if...

7.8CVSS5.8AI score0.07488EPSS
Exploits6References2
Vulnrichment
Vulnrichment
added 2019/01/17 8:0 p.m.16 views

CVE-2018-20735

An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for lateral movement and escalation of privilege inside a Windows Active Directory environment. It was found that by default the PatrolCli / PATROL Agent application only verifies if...

8.1AI score0.07488EPSS
Exploits6References2
CVE
CVE
added 2019/01/17 8:0 p.m.89 views

CVE-2018-20735

BMC PATROL Agent (PatrolCli) up to version 11.3.01 is vulnerable to privilege escalation and potential domain-wide lateral movement. The PatrolCli/PATROL Agent authentication only validates the user password, not the user’s network permissions, enabling a low-privilege domain account to authentic...

7.8CVSS8AI score0.07488EPSS
Exploits6References2Affected Software1
The Coalfire Blog
The Coalfire Blog
added 2018/09/11 10:15 a.m.23 views

From OSINT to Internal: Gaining Domain Admin from Outside the Perimeter

When I first began working at Coalfire in early 2017, I couldnt wait to get started pentesting professionally for the first time. When I finally got tasked with my first gig, I dove right in. I was tasked to perform an assessment of the external network. After hitting all known servers and web...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2017/07/11 8:23 p.m.88 views

Critical Flaws Found in Windows NTLM Security Protocol – Patch Now

As part of this month's Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affect all versions of its Windows operating system for enterprises released since 2007. Researchers at behavioral firewall specialist Preempt discovered two...

5.1CVSS8.7AI score0.07176EPSS
Exploits0
Citrix
Citrix
added 2017/05/19 12:0 a.m.9 views

How to Add a Domain Admin Group to Local Admin Group Using Role Based Access Control on XenMobile

This article describes how to add a group of domain admins to the local admin group within XenMobile Server so they have access to the console...

6.9AI score
Exploits0
Prion
Prion
added 2017/02/08 10:59 p.m.16 views

Cross site scripting

A vulnerability has been identified in IBM Cloud Orchestrator services/action/launch API. An authenticated domain admin user might modify cross domain resources via a /services/action/launch API call, provided it would have been possible for the domain admin user to gain access to a resource...

1.7CVSS6.6AI score0.00244EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2017/02/08 10:0 p.m.41 views

CVE-2015-7494

The CVE-2015-7494 entry relates to IBM Cloud Orchestrator: an authenticated domain admin could modify cross-domain resources via the services/[action]/launch API if able to obtain a resource identifier from another domain. The IBM bulletin details affected products (IBM Cloud Orchestrator and IBM...

2.8CVSS4.1AI score0.00244EPSS
Exploits0References2Affected Software2
Metasploit
Metasploit
added 2015/04/29 8:40 a.m.36 views

Windows Gather Active Directory BitLocker Recovery

This module will enumerate BitLocker recovery passwords in the default AD directory. This module does require Domain Admin or other delegated privileges. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/12/23 12:0 a.m.43 views

SysAid Server - Arbitrary File Disclosure

Vantage Point Security Advisory 2014-004 ======================================== Title: SysAid Server Arbitrary File Disclosure ID: VP-2014-004 Vendor: SysAid Affected Product: SysAid On-Premise Affected Versions: Summary: --- SysAid Server is vulnerable to an unauthenticated file disclosure...

7.4AI score
Exploits0
Prion
Prion
added 2014/11/18 11:59 p.m.22 views

Code injection

The Kerberos Key Distribution Center KDC in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a...

9CVSS6.5AI score0.87448EPSS
Exploits8References7Affected Software3
CERT
CERT
added 2014/11/18 12:0 a.m.964 views

Microsoft Windows Kerberos Key Distribution Center (KDC) fails to properly validate Privilege Attribute Certificate (PAC) signature

Overview Microsoft Windows Kerberos KDC contains a vulnerability allowing an authenticated unprivileged domain user to escalate privileges to a domain administrator account, allowing the user to compromise any computer on the domain. Description CWE-347: Improper Verification of Cryptographic...

9CVSS8.6AI score0.87448EPSS
Exploits8References3
securityvulns
securityvulns
added 2014/10/14 12:0 a.m.96 views

[CERT VU#121036 / Multiple CVEs] RCE, domain admin creds leakage and more in BMC Track-It!

Hi, tl;dr - I am releasing two 0 day exploits for BMC Track-It!. One is a RCE and the other gets you the domain admin and SQL database creds. Other minor vulns are also disclosed. Details below. CERT handled the disclosure for these vulnerabilities see CERT VU121036 and according to them BMC didn...

7.5CVSS0.2AI score0.80095EPSS
Exploits16
securityvulns
securityvulns
added 2014/04/07 12:0 a.m.42 views

0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability [0day]

...................................... / / | | / / / / / | |/ / / / / / / ^ / / / // | / / / / || / ...................................... 0A29-14-1 : NCCGroup EasyDA privilege escalation & credential disclosure vulnerability 0day Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 -...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2012/05/11 12:0 a.m.23 views

Owncloud 3.0.3 Clear Text Password Storage

Owncloud App "Ldap user backend" stored password in clear text Author: francesco.tornieri "At" verona-wireless.net Summary: store domain admin password in clear text Discovery date: 09/05/2012 Developer date contact : 09/05/2012 Where: From local Release Date: 11/05/2012 Criticality level: High...

7.4AI score
Exploits0
Rows per page
Query Builder