Exploit for CVE-2017-0144

💀 EternalBlue MS17-010 Exploitation Research Controlled r...

Astra Linux – Vulnerability in Samba

A flaw was discovered in Samba. Some SMB1 write requests were not properly range-checked to ensure that the client had sent enough data to complete the write operation. As a result, the contents of the server’s memory were written to the file or printer, rather than the data provided by the clien...

MiracleLinux 7 : samba-4.2.3-12.el7 (AXSA:2016-138:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-138:02 advisory. Samba is the standard Windows interoperability suite of programs for Linux and Unix. Security issues fixed with this release: CVE-2015-7560 The SMB1...

A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do

A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and camera permissions. MacOS is supposed to flag that, but in this case, the checks are loose. The app gets access anyway. On another Mac in the same...

CVE-2016-2124

...

SUSE CVE-2017-14746

Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request...

AZL-10736 CVE-2022-32742 affecting package samba 4.12.5-7

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...

Exploit for CVE-2017-0144

Based on the provided code and analysis, here is a summary of the findings: Classification: The repository is an offensive tool for exploiting vulnerabilities, specifically targeting the Windows operating system. Primary Target: The primary target is the Windows operating system, with a focus on...

USN-3486-1 samba vulnerabilities

Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when processing certain SMB1 requests. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2017-14746 Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a...

CVE-2017-0274

Microsoft Server Message Block 1.0 SMBv1 allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

CVE-2017-0275

Microsoft Server Message Block 1.0 SMBv1 allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

CVE-2017-0268

Microsoft Server Message Block 1.0 SMBv1 allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

CVE-2017-0145

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka...

CVE-2017-0146

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka...

Microsoft Windows SMB Server Remote Code Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the U.S. SMBv1 server is one of the server protocol components. An authenticated remote code execution vulnerability exists in the SMBv1 server in Microsoft Windows. A remote attacker can exploit this...