604 matches found
CVE-2016-3300
The Netlogon service in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 improperly establishes secure communications channels, which allows local users to gain privileges by leveraging access to a domain-joined machine, aka "Netlogon Elevation of Privilege Vulnerability...
Privilege escalation
The Netlogon service in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 improperly establishes secure communications channels, which allows local users to gain privileges by leveraging access to a domain-joined machine, aka "Netlogon Elevation of Privilege Vulnerability...
CVE-2016-3300
The Netlogon service in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 improperly establishes secure communications channels, which allows local users to gain privileges by leveraging access to a domain-joined machine, aka "Netlogon Elevation of Privilege Vulnerability...
CVE-2016-3300
The CVE-2016-3300 Netlogon Elevation of Privilege vulnerability affects Windows 8.1, Windows Server 2012 (Gold/R2) and Windows RT 8.1, where Netlogon improperly establishes secure channels to a domain controller, enabling local privilege escalation on domain-joined machines. The root cause is in ...
NetLogon Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows Netlogon improperly establishes a secure communications channel to a domain controller. An attacker who successfully exploited the vulnerability could run a specially crafted application on a domain-joined system. To exploit the...
Microsoft Windows Netlogon CVE-2016-3300 Remote Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges within the context of the affected system. Technologies Affected Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Syste...
KLA10856 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper embedded...
MS16-101: Security Update for Windows Authentication Methods (3178465)
The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - A security downgrade vulnerability exists in Kerberos due to improper handling of password change requests. A man-in-the-middle attacker can exploit this to cause the authentication...
Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code
The vulnerability of the Windows operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using a specially crafted NetLogon request...
CVE-2016-3228
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."...
CVE-2016-3228
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."...
Remote code execution
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."...
CVE-2016-3228
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."...
CVE-2016-3228
CVE-2016-3228 affects Microsoft Windows Netlogon: remote authenticated attackers could cause memory corruption and execute arbitrary code on domain controllers via a crafted NetLogon request. Affected products include Windows Server 2008 SP2, R2 SP1, and Windows Server 2012 (Gold/R2). Root cause ...
Microsoft Windows Netlogon Memory Corruption Remote Code Execution Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. A memory corruption remote code execution vulnerability exists in Microsoft Windows, which arises from a program's failure to properly handle objects in memory. A remote attacker is allowed to exploit t...
Microsoft Windows Netlogon Remote Code Execution Vulnerability (3167691)
This host is missing an important security update according to Microsoft Bulletin MS16-076. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Windows NetLogon Memory Corruption Remote Code Execution Vulnerability
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution when Windows improperly handles objects in memory. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. To exploit the...
MS16-075 and MS16-076: Description of the security update for Windows Netlogon and SMB Server: June 14, 2016
MS16-075 and MS16-076: Description of the security update for Windows Netlogon and SMB Server: June 14, 2016 Summary This security update resolves a vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted...
MS16-076: Description of the security update for Netlogon: June 14, 2016
MS16-076: Description of the security update for Netlogon: June 14, 2016 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to a primary domain controller PDC on a target network runs a special...
MS16-076: Security update for Netlogon: June 14, 2016
Resolves a vulnerability in Windows that could allow remote code execution if an attacker with access to a domain controller DC on a target network runs a specially crafted application to establish a secure channel to the DC as a replica domain controller.SummaryThis security update resolves a...