738 matches found
Re[2]: The Weakness of Windows Impersonation Model
thanks for reference David. As advisory notes impersonation implications are not something new. We would like to stress the fact of how easy it is to exploit by two notable samples. - An attacker can reliably elevate a context running on behalf of Network Service acccount. For example, by default...
Windows limited service account privilege escalation
By using security tokens located in process memory it's possible to escalate privileges from limited service account, such as Network Service or Microsoft SQL Service account...
Re: The Weakness of Windows Impersonation Model
Hi Brian, I wrote a paper on this subject last year, "Snagging Security Tokens to Elevate Privileges" http://www.databasesecurity.com/dbsec-briefs.htm after Tim Mullen and thrashed out a few details at Blackhat last year over a few White Russians. The paper discusses the problem in the context of...
CVE-2004-1295
The slipdown function in slip.c for the umlnet program in uml-utilities 20030903, when umlnet is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service network service disabled...
CVE-2004-1295
The slipdown function in slip.c for the umlnet program in uml-utilities 20030903, when umlnet is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service network service disabled...
CVE-2004-1295
CVE-2004-1295 affects uml-utilities (uml_net, 20030903) where slip_down in slip.c does not verify caller permissions when uml_net is installed setuid root. This permits local users to cause a denial of service by disabling an interface. The available sources (NVD entry, CVE records) confirm the v...
CVE-2004-1295
The slipdown function in slip.c for the umlnet program in uml-utilities 20030903, when umlnet is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service network service disabled...
Microsoft Windows DHCP Server Logging Remote Denial Of Service Vulnerability
Description Microsoft Windows DHCP server on NT 4 server platforms is reported susceptible to a remote denial of service vulnerability in its logging functionality. This issue is due to a failure of the application to properly handle user-supplied network input. This vulnerability allows remote...
FreeIPS 1.0 Protected Service - Denial of Service
/ source: https://www.securityfocus.com/bid/10541/info It is reported that FreeIPS is susceptible to a denial of service vulnerability. FreeIPS scans TCP connections for particular strings, defined by regular expressions. If a packet matches the regular expression, FreeIPS assumes malicious inten...
Portmon file arbitrary read/write access vulnerability
Package: Portmon Auth: http://www.aboleo.net/ Versions: 1.7 prior ? Vulnerability: File arbitrary read/write access vulnerability Portmon is a network service monitoring daemon http://www.aboleo.net/software/portmon/. "In order to use ping support, Portmon must run as root or be installed setuid...
Microsoft Windows SMB Service Detection
The remote service understands the CIFS Common Internet File System or Server Message Block SMB protocol, used to provide shared access to files, printers, etc between nodes on a network. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11011; scriptversion"1.43";...
Aptis Software TotalBill 3.0 - Remote Command Execution
// source: https://www.securityfocus.com/bid/1555/info Aptis Software offers a billing / provisioning solution for ISPs called TotalBill. One component of the TotalBill package is a network service called Sysgen that listens on or around port 9998. It allows a client connectiing to it to execute...
Aptis Software TotalBill 3.0 - Remote Command Execution
Aptis Software TotalBill 3.0 - Remote Command Execution // source: https://www.securityfocus.com/bid/1555/info Aptis Software offers a billing / provisioning solution for ISPs called TotalBill. One component of the TotalBill package is a network service called Sysgen that listens on or around por...
vpopmail-3.4.11 problems
The vpopmail package is an extension for Qmail that allows easy management of virtual domains and can use a SQL backend for storing user accounts. The program vchkpw in that package contains a vulnerability in its logging routines. The vchkpw program handles the username/password/domain...
CVE-1999-0586
A network service is running on a nonstandard port...
CVE-1999-0586
Technical details about CVE-1999-0586 are not publicly available in the provided documents. No affected products, versions, or remediation are specified. Monitor for updates from vendors and security advisories.
CVE-1999-0621
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration CCE. Notes: the former description i...
CVE-1999-0586
A network service is running on a nonstandard port...