
738 matches found

securityvulns
added 2006/05/20 12:0 a.m. | 37 views

Re[2]: The Weakness of Windows Impersonation Model

thanks for reference David. As advisory notes impersonation implications are not something new. We would like to stress the fact of how easy it is to exploit by two notable samples. - An attacker can reliably elevate a context running on behalf of Network Service account. For example, by default...

AI score: 1.2
Exploits: 0
securityvulns
added 2006/05/20 12:0 a.m. | 39 views

Windows limited service account privilege escalation

By using security tokens located in process memory it's possible to escalate privileges from limited service account, such as Network Service or Microsoft SQL Service account...

AI score: 3.8
Exploits: 0 | References: 4
securityvulns
added 2006/05/20 12:0 a.m. | 37 views

Re: The Weakness of Windows Impersonation Model

Hi Brian, I wrote a paper on this subject last year, "Snagging Security Tokens to Elevate Privileges" http://www.databasesecurity.com/dbsec-briefs.htm after Tim Mullen and thrashed out a few details at Blackhat last year over a few White Russians. The paper discusses the problem in the context of...

AI score: 1.5
Exploits: 0
NVD
added 2005/01/10 5:0 a.m. | 9 views

CVE-2004-1295

The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service network service disabled...

CVSS: 2.1 | AI score: 6.2 | EPSS: 0.00361
Exploits: 1 | References: 2
Cvelist
added 2004/12/22 5:0 a.m. | 17 views

CVE-2004-1295

The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service network service disabled...

AI score: 6.2 | EPSS: 0.00361
Exploits: 1 | References: 2
CVE
added 2004/12/22 5:0 a.m. | 43 views

CVE-2004-1295

CVE-2004-1295 affects uml-utilities (uml_net, 20030903) where slip_down in slip.c does not verify caller permissions when uml_net is installed setuid root. This permits local users to cause a denial of service by disabling an interface. The available sources (NVD entry, CVE records) confirm the v...

CVSS: 2.1 | AI score: 6.2 | EPSS: 0.00361
Exploits: 1 | References: 2 | Affected Software: 1
Debian CVE
added 2004/12/22 5:0 a.m. | 12 views

CVE-2004-1295

The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service network service disabled...

CVSS: 2.1 | AI score: 2.8 | EPSS: 0.00361
Exploits: 1
Symantec
added 2004/12/14 12:0 a.m. | 25 views

Microsoft Windows DHCP Server Logging Remote Denial Of Service Vulnerability

Description Microsoft Windows DHCP server on NT 4 server platforms is reported susceptible to a remote denial of service vulnerability in its logging functionality. This issue is due to a failure of the application to properly handle user-supplied network input. This vulnerability allows remote...

AI score: 7.8
Exploits: 0 | References: 1 | Affected Software: 5
Exploit DB
added 2004/06/14 12:0 a.m. | 17 views

FreeIPS 1.0 Protected Service - Denial of Service

/ source: https://www.securityfocus.com/bid/10541/info It is reported that FreeIPS is susceptible to a denial of service vulnerability. FreeIPS scans TCP connections for particular strings, defined by regular expressions. If a packet matches the regular expression, FreeIPS assumes malicious inten...

AI score: 7.4
Exploits: 0
securityvulns
added 2003/06/21 12:0 a.m. | 41 views

Portmon file arbitrary read/write access vulnerability

Package: Portmon Auth: http://www.aboleo.net/ Versions: 1.7 prior ? Vulnerability: File arbitrary read/write access vulnerability Portmon is a network service monitoring daemon http://www.aboleo.net/software/portmon/. "In order to use ping support, Portmon must run as root or be installed setuid...

AI score: 0.3
Exploits: 0
Tenable Nessus
added 2002/06/05 12:0 a.m. | 2282 views

Microsoft Windows SMB Service Detection

The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc. between nodes on a network. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(11011); script_version("1.43");...

AI score: 5.5
Exploits: 0
Exploit DB
added 2000/08/08 12:0 a.m. | 28 views

Aptis Software TotalBill 3.0 - Remote Command Execution

// source: https://www.securityfocus.com/bid/1555/info Aptis Software offers a billing / provisioning solution for ISPs called TotalBill. One component of the TotalBill package is a network service called Sysgen that listens on or around port 9998. It allows a client connecting to it to execute...

AI score: 7
Exploits: 0
exploitpack
added 2000/08/08 12:0 a.m. | 15 views

Aptis Software TotalBill 3.0 - Remote Command Execution

Aptis Software TotalBill 3.0 - Remote Command Execution // source: https://www.securityfocus.com/bid/1555/info Aptis Software offers a billing / provisioning solution for ISPs called TotalBill. One component of the TotalBill package is a network service called Sysgen that listens on or around por...

AI score: 0.1
Exploits: 0
securityvulns
added 2000/07/01 12:0 a.m. | 540 views

vpopmail-3.4.11 problems

The vpopmail package is an extension for Qmail that allows easy management of virtual domains and can use a SQL backend for storing user accounts. The program vchkpw in that package contains a vulnerability in its logging routines. The vchkpw program handles the username/password/domain...

Exploits: 0
Cvelist
added 2000/02/04 5:0 a.m. | 15 views

CVE-1999-0586

A network service is running on a nonstandard port...

AI score: 6.6 | EPSS: 0.01316
Exploits: 0 | References: 1
CVE
added 2000/02/04 5:0 a.m. | 43 views

CVE-1999-0586

Technical details about CVE-1999-0586 are not publicly available in the provided documents. No affected products, versions, or remediation are specified. Monitor for updates from vendors and security advisories.

AI score: 7 | EPSS: 0.01316
Exploits: 0 | References: 1
ATTACKERKB
added 1999/01/01 5:0 a.m. | 2 views

CVE-1999-0621

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration CCE. Notes: the former description i...

AI score: 5.3
Exploits: 0 | References: 1
NVD
added 1999/01/01 5:0 a.m. | 7 views

CVE-1999-0586

A network service is running on a nonstandard port...

AI score: 6.6 | EPSS: 0.01316
Exploits: 0 | References: 1