143 matches found
Windows NTLM Auth Hash Disclosure / Denial Of Service Vulnerabilities
Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine. Hello, I want to share some information with the people on the list. On May 24, I found a problem with NTLM auth on Windows. Under certain circumstances a shared...
Windows NTLM Auth Hash Disclosure / Denial Of Service
Hello, I want to share some information with the people on the list. On May 24, I found a problem with NTLM auth on Windows. Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine. This was already reported to MSRC on...
PT-2017-18855 · Owncloud · Owncloud Server
Name of the Vulnerable Software and Affected Versions: ownCloud Server versions prior to 10.0.2 Description: An attacker with normal user privileges can potentially delete shared folders in ownCloud Server. Recommendations: For versions prior to 10.0.2, update to version 10.0.2 or later to resolv...
ownCloud Remote Elevation of Privilege Vulnerability
ownCloud is a free and open source personal cloud storage solution from the German company ownCloud, which provides file management, music storage, calendaring and other features. ownCloud server is a server version. There is a security vulnerability in ownCloud Server. An attacker can utilize th...
Parallels Desktop - Virtual Machine Escape Vulnerability
Exploit for windows platform in category local exploits + Title: Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Ma...
Parallels Desktop - Virtual Machine Escape
Parallels Desktop - Virtual Machine Escape + Title: Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp...
Parallels Desktop - Virtual Machine Escape
Title: Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Website :...
Parallels Desktop 12.2.0 Virtual Machine Escape
Title:A Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes , reza.esparghamatgmaildotcom Website...
The vulnerability of the Oracle VM VirtualBox virtual machine, which allows a hacker to trigger a service failure
The vulnerability of the Oracle VM VirtualBox virtual machine’s Shared Folder sub-component is related to access control deficiencies. Exploiting this vulnerability can allow an attacker, operating locally, to cause the system to freeze or crash by accessing infrastructure resources...
MGASA-2017-0135 Updated virtualbox packages fixes security vulnerabilities
This update provides virtualbox 5.1.22 maintenance release and resolves at least the following security issues: A vulnerability in the core subcomponent of virtualbox allows high privilegied attacker unauthorized read access to a subset of VirtualBox accessible data CVE-2017-3513. A vulnerability...
Oracle VM VirtualBox Remote Vulnerability (CNVD-2017-06471)
Oracle Virtualization is a set of virtualization solutions from Oracle Corporation, of which Oracle VM VirtualBox is a virtual machine component. A security vulnerability exists in the Shared Folder subcomponent of the Oracle VM VirtualBox component of Oracle Virtualization. An attacker could...
Oracle VirtualBox Guest Additions 5.1.18 - Unprivileged Windows User-Mode Guest Code Double-Free
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1227 We have discovered a heap double-free vulnerability in the latest version of VirtualBox 5.1.18, with Guest Additions and more specifically shared folders enabled in the guest operating system. The heap memory corruption take...
Oracle VirtualBox Security Bypass Vulnerability - 01 (Apr 2017) - Mac OS X
Oracle VirtualBox is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle VirtualBox Security Bypass Vulnerability - 01 (Apr 2017) - Windows
Oracle VirtualBox is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-3587
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
CVE-2017-3538
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.34 and Prior to 5.1.16. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
CVE-2017-3538
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.34 and Prior to 5.1.16. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
UBUNTU-CVE-2017-3587
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
UBUNTU-CVE-2017-3538
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.34 and Prior to 5.1.16. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
Design/Logic Flaw
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are Prior to 5.0.34 and Prior to 5.1.16. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...