27 matches found
CVE-2026-41429
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...
arduino-esp32 安全漏洞
Arduino-ESP32 is an open-source project by Espressif, designed for use with the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6, and ESP32-H2 boards. Versions of Arduino-ESP32 prior to 3.3.8 contained a security vulnerability. This vulnerability stemmed from a remote exploitable memory corruption...
CVE-1999-0810
Denial of service in Samba NETBIOS name service daemon nmbd...
CVE-1999-0288
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service process termination via invalid UDP frames to port 137 NETBIOS Name Service, as demonstrated via a flood of random packets...
Exploit for CVE-2025-10230
CVE-2025-10230 CVE-2025-102...
NetBIOS Name Service Spoofer
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Name Service Spoofer', 'Description' = %q This module forges NetBIOS Name Service NBNS responses. It will listen for NBNS requests sent t...
WPAD.dat File Server
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WPAD.dat File Server', 'Description' = %q This module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in...
SUSE CVE-1999-0810
Denial of service in Samba NETBIOS name service daemon nmbd...
Tater
It is an offensive tool for Windows Privilege Escalation. The primary CVE ID is not explicitly mentioned, but the tool is based on the Hot Potato Windows Privilege Escalation exploit, which is a known vulnerability. The target product/service is Windows, and the vulnerability class/vector is...
SUSE CVE-2014-3560
NetBIOS name services daemon nmbd in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in stringwrappers.h...
CVE-2021-21961
A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability...
The vulnerability of Samba software allows a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability in the NetBIOS name service daemon nmbd of Samba allows malicious actors to execute arbitrary code by manipulating dynamic memory using the sizeof operation, with respect to an incorrect variable in the unstrcpy macro in stringwrappers.h...
BadTunnel: Cross-Segment hijacking the broadcast Protocol-vulnerability warning-the black bar safety net
! 0x00 introduction This paper proposes a new attack model, can cross network segment hijacking the TCP/IP broadcast Protocol, we named it“BadTunnel” in. Using this method, you can achieve cross-subnet NetBIOS Name Service Spoofing attacks. Both the attacker and the user are in the same network...
Patched BadTunnel Windows Bug Has 'Extensive' Impact
Among the more than three dozen vulnerabilities Microsoft patched on Tuesday was a fix for a bug that the researcher who found it said has “probably the widest impact in the history of Windows.” “There were also some wide impact vulnerabilities before, but maybe not like this extensive,” Chinese...
Norton Internet Security NBNS Response Processing Stack Overflow - Ver2 (CVE-2004-0444)
Norton Internet Security is a security solution produced by Symantec corporation. If the Firewall component allows traffic on port 137/UDP, this traffic will be parsed as NetBIOS Name Service messages. There exists a vulnerability in the Symantec Firewall product line. A specially crafted NetBIOS...
DEBIAN-CVE-2014-3560
NetBIOS name services daemon nmbd in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in stringwrappers.h...
Ubuntu 14.04 LTS : Samba vulnerability (USN-2305-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2305-1 advisory. Volker Lendecke discovered that the Samba NetBIOS name service daemon incorrectly handled certain memory operations. A remote attacker could use this issue to...
USN-2305-1 samba vulnerability
Volker Lendecke discovered that the Samba NetBIOS name service daemon incorrectly handled certain memory operations. A remote attacker could use this issue to execute arbitrary code as the root user...
Debian: Security Advisory (DSA-2966-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[Responder] a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server
Responder is a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. This tool is first an LLMNR and NBT-NS responder, it will answer to specific NBT-NS NetBIOS Name...