The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s Common Log File System driver arises from operations that go beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to increase their privileges through a specially created application...

CVE-2016-7295

The Common Log File System CLFS driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information from...

Nagios Core < 4.2.4 - Root Privilege Escalation (CVE-2016-9566)

INTRODUCTION ------------------------- Nagios Core daemon in versions below 4.2.4 was found to perform unsafe operations when handling the log file. This could be exploited by malicious local attackers to escalate their privileges from 'nagios' system user, or from a user belonging to 'nagios'...

Design/Logic Flaw

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565...

CVE-2016-9566

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565...

CVE-2016-9566

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565...

CVE-2016-9566

Removed by vendor...

CVE-2016-9566

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565...

UBUNTU-CVE-2016-9566

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565...

Nagios Privilege Escalation Vulnerability

Nagios is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nagios:nagios"; if...

CVE-2016-4443

Red Hat Enterprise Virtualization RHEV Manager 3.6 allows local users to obtain encryption keys, certificates, and other sensitive information by reading the engine-setup log file...

Microsoft Windows Local Information Disclosure Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An information disclosure vulnerability exists in the Microsoft Windows Universal Log File System driver, which arises from a failure of the program driver to properly handle objects in memory. The...

Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability (3207328)

This host is missing an important security update according to Microsoft Bulletin MS16-153. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

December 2016 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2

December 2016 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 Summary This security update resolves the following vulnerabilities in Windows 8.1 and Windows Server 2012 R2: MS16-153 Security update for common log file system driver MS16-151 Security update for Windows...

MS16-153: Description of the security update for Common Log File System driver: December 13, 2016

MS16-153: Description of the security update for Common Log File System driver: December 13, 2016 Summary This security update resolves a vulnerability in Microsoft Windows that could allow Information Disclosure when the Windows Common Log File System CLFS driver improperly handles objects in...

December 2016 Security Only Quality Update for Windows Server 2012

December 2016 Security Only Quality Update for Windows Server 2012 Summary This security update resolves the following vulnerabilities in Windows Server 2012: MS16-153 Security update for common log file system driver MS16-151 Security update for Windows kernel-mode drivers MS16-149 Security upda...

December 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1

December 2016 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows: MS16-153 Security update for common log file system driver MS16-151 Security update for Windows kernel-mode drivers MS16-1...

December 2016 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1

December 2016 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows 7 and Windows Server 2008 R2: MS16-153 Security update for common log file system driver MS16-151 Security update for Windows...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Common Log File System CLFS driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have...

MS16-153: Security update for Common Log File System driver: December 13, 2016

Resolves a vulnerability in Windows that could allow information disclosure when the Windows Common Log File System CLFS driver improperly handles objects in memory. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to bypass...