Firefox < 3.0.16 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.0.16. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. MFSA 2009-65 - The NTLM implementation is vulnerable to reflection attacks in which NTLM credentials from o...

Mozilla Firefox < 3.0.16 / 3.5.6 Multiple Vulnerabilities

Binary data 801369.prm...

Mozilla Firefox < 3.0.16 / 3.5.6 Multiple Vulnerabilities

Binary data 5264.prm...

NTLM reflection vulnerability — Mozilla

Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla's NTLM implementation was vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitrary application via the browser. If an attacker could get a user to visit a...

PT-2009-4388 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user. This is related to a credential...

Windows Telnet credential reflection

Added: 08/12/2009 CVE: CVE-2009-1930 BID: 35993 OSVDB: 56904 Background Microsoft Windows operating systems come with a telnet service. This service prompts a user to provide a login name and password. Following successful authentication, the server displays a shell prompt, allowing the user to r...

Windows Telnet credential reflection

Added: 08/12/2009 CVE: CVE-2009-1930 BID: 35993 OSVDB: 56904 Background Microsoft Windows operating systems come with a telnet service. This service prompts a user to provide a login name and password. Following successful authentication, the server displays a shell prompt, allowing the user to r...

Microsoft Windows Telnet NTLM凭据反射绕过认证漏洞（MS09-042）

BUGTRAQ ID: 35993 CVECAN ID: CVE-2009-1930 Microsoft Windows是微软发布的非常流行的操作系统。 Telnet协议未正确地选择加入NTLM凭据反射保护以确保用户凭据不被反射回来并供用户使用。如果用户受骗连接到了恶意的Telnet服务器，就可能导致反射NTLM凭据并以当前用户的权限获得系统访问。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windo...

Windows Telnet credential reflection

Added: 08/12/2009 CVE: CVE-2009-1930 BID: 35993 OSVDB: 56904 Background Microsoft Windows operating systems come with a telnet service. This service prompts a user to provide a login name and password. Following successful authentication, the server displays a shell prompt, allowing the user to r...

Telnet NTLM Credential Reflection Authentication Bypass Vulnerability (960859)

This host is missing a critical security update according to Microsoft Bulletin MS09-042. OpenVAS Vulnerability Test $Id: secpodms09-042.nasl 5363 2017-02-20 13:07:22Z cfi $ Telnet NTLM Credential Reflection Authentication Bypass Vulnerability 960859 Authors: Nikita MR Updated By: Madhuri D on...

Windows Telnet credential reflection

Added: 08/12/2009 CVE: CVE-2009-1930 BID: 35993 OSVDB: 56904 Background Microsoft Windows operating systems come with a telnet service. This service prompts a user to provide a login name and password. Following successful authentication, the server displays a shell prompt, allowing the user to r...

Microsoft Telnet Services Credential Reflection Code Execution (MS09-042; CVE-2009-1930)

Telnet is a bidirectional communications protocol that allows for command line remote administration over the TCP protocol. A remote code execution vulnerability has been reported in the way Microsoft Windows Telnet Service handles NTLM credentials. The vulnerability is due to an error in the...

CVE-2009-2724

Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."...

Race condition

Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."...

JDK race condition vulnerability reflection checks

Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."...

Internet Explorer WinINet credential reflection vulnerability

Added: 05/04/2009 CVE: CVE-2009-0550 BID: 34439 OSVDB: 53619 Background The Windows Internet WinINet application programming interface API provides applications with an implementation of standard protocols such as FTP and HTTP. Problem An NTLM credential reflection vulnerability allows a remote w...

Design/Logic Flaw

Windows HTTP Services aka WinHTTP in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows...

CVE-2009-0550

Windows HTTP Services aka WinHTTP in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows...

CVE-2009-0550

CVE-2009-0550 impacts Windows HTTP Services (WinHTTP) and WinINet used by Internet Explorer, on Windows 2000 SP4, XP SP2/SP3, Server 2003, Vista, and Server 2008; the vulnerability allows an attacker-controlled remote web server to capture NTLM credentials and replay them, and to execute arbitrar...

Microsoft Security Bulletin MS09-013 - Critical Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution &#40;960803&#41;

Microsoft Security Bulletin MS09-013 - Critical Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution 960803 Published: April 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed vulnerability and two privately...