609 matches found
Default configuration
An issue was discovered in Veritas System Recovery before 21.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the from \usr\local\ssl\openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create directories...
CVE-2020-36167
An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...
CVE-2020-36160
An issue was discovered in Veritas System Recovery before 21.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the from \usr\local\ssl\openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create directories...
Exploit for CVE-2020-1472
CVE-2020-1472 is a vulnerability in the Windows Netlogon service that allows an unauthenticated attacker to set the password of the Domain Controller account to an empty string NT hash=31d6cfe0d16ae931b73c59d7e0c089c0. This vulnerability is also known as the "Zerologon" vulnerability. The exploit...
Exploit for CVE-2020-1472
PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows for authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempts to perform a Netlogon authentication bypass. The script will immediately terminate when successfully...
Chinese APT Hackers Target Southeast Asian Government Institutions
Cybersecurity researchers today unveiled a complex and targeted espionage attack on potential government sector victims in South East Asia that they believe was carried out by a sophisticated Chinese APT group at least since 2018. "The attack has a complex and complete arsenal of droppers,...
Exploit for CVE-2020-1472
CVE-2020-1472 POC Requires the latest impacket from GitHubh...
Security Advisory - Netlogon Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC. An attacker who successfully exploited the vulnerability could run a specially crafted application on a...
samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results
A NULL pointer dereference, or possible use-after-free flaw was found in the Samba AD LDAP server. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to...
Denial Of Service (DoS)
Wildfly is vulnerable to denial of service DoS. An out of memory OOM error occurs as host-controller is looping to generate new connections which are not properly closed while not able to connect to domain-controller...
Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug
Threat attackers continue to exploit the Microsoft Zerologon vulnerability, a situation that’s been a persistent worry to both the company and the U.S. government over the last few months. Both on Thursday renewed their pleas to businesses and end users to update Windows systems with a patch...
Attacks exploiting Netlogon vulnerability (CVE-2020-1472)
Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol CVE-2020-1472 which was previously addressed in security updates starting on August 11, 2020. If the original guidance is not applied, the...
Pulse Secure Desktop Client Client Registry Elevation of Privilege Vulnerability
Pulse Secure Desktop Client is scalable, multi-service network client that supports integrated connectivity and secure location-aware network access. A client registry privilege escalation vulnerability exists in Pulse Secure Desktop Client Linux versions prior to 9.1R9, which originates in the...
CVE-2020-8239
A vulnerability in the Pulse Secure Desktop Client 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client Windows and Windows PDC...
Exploit for CVE-2020-1472
ZeroLogon testing script A Python script that uses the Impack...
CVE-2020-15931
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator that is configured within the product in its installation state by generating a single Kerberos Pre-Authentication Failed ID 4771 event on a...
CVE-2020-15931
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator that is configured within the product in its installation state by generating a single Kerberos Pre-Authentication Failed ID 4771 event on a...
Authentication flaw
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator that is configured within the product in its installation state by generating a single Kerberos Pre-Authentication Failed ID 4771 event on a...
CVE-2020-15931
Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator that is configured within the product in its installation state by generating a single Kerberos Pre-Authentication Failed ID 4771 event on a...
CVE-2020-15931
Netwrix Account Lockout Examiner prior to 5.1 is affected. The issue enables remote attackers to capture the Domain Administrator’s Net-NTLMv1/v2 challenge hashes by eliciting a single Kerberos Pre-Authentication Failed (Event ID 4771) on a Domain Controller. Affected component is the Netwrix ALE...