195 matches found
SUSE CVE-2011-0901
Multiple stack-based buffer overflows in the tsclaunchremote function src/support.c in Terminal Server Client tsclient 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long 1 username, 2 password, or 3 domain argument. NOTE:...
Micro-Star International MSI Center 数据伪造问题漏洞
Micro-Star International MSI Center is a monitoring and management platform from Micro-Star International China. All your favorite features can be found on the Feature Set page, such as Gaming Mode or Smart Priority. A security vulnerability exists in Micro-Star International MSI Center version...
February 15, 2022—KB5010421 (OS Build 20348.558) Preview
February 15, 2022—KB5010421 OS Build 20348.558 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find...
CVE-2021-26887
An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting anothe...
CVE-2021-26887
An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting anothe...
Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting anothe...
How to Specify a Program to Start on Connection by Using Microsoft Remote Desktop Connection
This article describes how to specify a program to start on connection by using Microsoft Remote Desktop Connection. Requirements Remote Desktop Protocol RDP client such as the Microsoft Remote Desktop Connection client MSTSC.exe. Additional configuration on the XenApp Serverto accept these...
netABuse Insufficient Windows Authentication Logic Scanner
import os,re,time,signal,sys from subprocess import from multiprocessing import Process By John Page aka hyp3rlinx Apparition Security twitter.com/hyp3rlinx Advisory: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-NET-USE-INSUFFICIENT-PASSWORD-PROMPT.txt...
Remote code execution
Systech Corporation NDS-5000 Terminal Server, NDS/5008 8 Port, RJ45, firmware Version 02D.30. Successful exploitation of this vulnerability could allow information disclosure, limit system availability, and may allow remote code execution...
CVE-2020-7006
CVE-2020-7006 affects Systech NDS-5000 Terminal Server/NDS-5008 (8 Port, RJ45) firmware version 02D.30. The issue is a stored cross-site scripting (CWE-79) vulnerability in the WEB application, enabling potential client-side code execution and information disclosure with remote impact. Affected p...
CVE-2020-7006
Systech Corporation NDS-5000 Terminal Server, NDS/5008 8 Port, RJ45, firmware Version 02D.30. Successful exploitation of this vulnerability could allow information disclosure, limit system availability, and may allow remote code execution...
Systech NDS-5000 Terminal Server
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Systech Corporation Equipment: NDS-5000 Terminal Server Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow information disclosure,...
LTSP LDM Elevation of Privilege Vulnerability
LTSP is a well-known Linux Terminal Server Project program that adds thin client support to Linux servers. An elevation of privilege vulnerability exists in LTSP LDM, which can be exploited by an attacker with certain privileges to gain privileges by performing a symbolic link attack on files wit...
Debian: Security Advisory (DLA-2064-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2064-1] ldm security update
Package : ldm Version : 2:2.2.15-2+deb8u1 CVE ID : CVE-2019-20373 Debian Bug : 948538 It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation. For...
Debian DSA-4601-1 : ldm - security update
It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project, incorrectly parsed responses from an SSH server, which could result in local root privilege escalation. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
UBUNTU-CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
[SECURITY] Fedora 30 Update: rdesktop-1.8.6-1.fc30
rdesktop is an open source client for Windows NT Terminal Server and Windows 2000 & 2003 Terminal Services, capable of natively speaking Remote Desktop Protocol RDP in order to present the user's NT desktop. Unlike Citrix ICA, no server extensions are required...
June 27, 2019—KB4501375 (OS Build 18362.207)
June 27, 2019—KB4501375 OS Build 18362.207 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Improvements and fixes This update includes quality improvements. Key changes include: Addresses an issue with Hyper-V virtualization on a specific...
Bug in Anesthesia Respirators Allows Cyber-Tampering
A vulnerability in GE Healthcare’s Aestiva and Aespire anesthesia devices would allow an unauthenticated cybercriminal on the same network as the device to modify gas composition parameters within the devices’ respirator function, thus changing sensor readings for gas density. According to GE...