112 matches found
CVE-2025-23120
A vulnerability allowing remote code execution RCE for domain users...
Veeam Backup and Replication 12.x < 12.3.1.1139 Authenticated RCE (March 2025) (KB4724)
The version of Veeam Backup and Replication installed on the remote Windows host is 12.x prior to 12.3.1.1139. It is, therefore, affected by an authenticated remote code execution vulnerability: - A vulnerability allowing remote code execution RCE by authenticated domain users. Note: This...
PT-2025-11958
Name of the Vulnerable Software and Affected Versions Veeam Backup & Replication versions prior to 12.3.1 Description A deserialization flaw exists in Veeam Backup & Replication, where the application improperly handles serialized data. This allows an authenticated domain user or a member of the...
VMWare Enumerate User Accounts
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Enumerate User Accounts', 'Description' = %Q This module will log into the Web API of VMWare and try to enumerate all the user accounts. I...
Kerberos Domain User Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/kerberos' class MetasploitModule 'Kerberos Domain User Enumeration',...
CVE-2024-39031
In Silverpeas Core = 6.3.5, in Mes Agendas, a user can create new events and add them to their calendar. Additionally, users can invite others from the same domain, including administrators, to these events. A standard user can inject an XSS payload into the "Titre" and "Description" fields when...
MS-NRPC Domain Users Enumeration
This module will enumerate valid Domain Users via no authentication against MS-NRPC interface. It calls DsrGetDcNameEx2 to check if the domain user account exists or not. It has been tested with Windows servers 2012, 2016, 2019 and 2022. Module Options msf use auxiliary/scanner/dcerpc/nrpcenumuse...
CVE-2024-3183 Freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user...
CVE-2024-3183
CVE-2024-3183 affects FreeIPA and relates to Kerberos TGS-REQs: tickets for a target principal are encrypted with that principal’s key, which for user principals is derived from a per-principal salt and password. If a principal is compromised, an attacker could offline-brute-force passwords for o...
freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user...
freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user...
freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user...
freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user...
Important: ipa security update
AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeipa: delegation rules allow a proxy service to impersonate any user to access another target service...
VulnCheck KEV: CVE-2022-31656
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...
Rocky Linux 8 : samba (RLSA-2021:5082)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5082 advisory. - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wi...
Citrix Workspace App Shows as Blank Page for Domain Users
Domain users can launch app/desktop via web successfully 2. Cannot see the add account page of Citrix WorkSpace App...
NewStart CGSL CORE 5.05 / MAIN 5.05 : samba Multiple Vulnerabilities (NS-SA-2023-0016)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has samba packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the...
SUSE CVE-2015-2752
The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...
PowerHuntShares - Audit Script Designed In Inventory, Analyze, And Report Excessive Privileges Configured On Active Directory Domains
PowerHuntShares is design to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intented to help IAM and other blue teams gain a better understand of their SMB Share attack surface and provides data insights t...