Design/Logic Flaw
IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Force ID: 122293...
CVE-2017-1152
IBM Financial Transaction Manager 3.0.1 and 3.0.2 does not properly update the SESSIONID with each request, which could allow a user to obtain the ID in further attacks against the system. IBM X-Force ID: 122293...
CVE-2017-1152
CVE-2017-1152 concerns a session-id handling vulnerability in IBM products. IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and CPS (3.0.1.0/3.0.2.0) and IBM Sterling/10x components report that SESSIONID is not properly updated per request, enabling potential ID exposure ...
Harvest: Client can redirect payment, causing payment discrepancy between Harvest and PayPal
Vulnerability details When a client views an invoice through the web interface, it'll show a "Pay with PayPal" button when a standard PayPal integration has been enabled. Clicking this button will submit a POST request to PayPal. This request contains a business parameter, which is the receiver o...
The vulnerability of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the kernel control driver in the Windows transaction monitor is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to enhance their privileges through a specially created application...
CVE-2017-0101
The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted...
Privilege escalation
The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted...
Windows Transaction Manager Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability ...
PT-2017-1533 · Microsoft · Windows Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions Vista SP2 through 10 1607 Microsoft Windows Server versions 2008 SP2 through 2016 Description: The issue is related to a buffer overflow in the kernel-mode drivers of the Transaction Manager in Microsoft Windows,...
KLA10984 Privilege escalation vulnerabilities in Windows kernel
Multiple serious vulnerabilities have been found in Microsoft Windows kernel. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An improper check of a buffer length prior to copying memory to the buffer can be exploited remotely ...
Information : XenApp/XenDesktop Performance Counters
1. CitrixBrokerService 1. Application Cache Writes 2. Brokered Sessions 3. Database Avg. Transaction Time 4. Database Connected 5. Database Transaction Errors/sec 6. Database Transaction/sec 7. Deregistration Requests 8. Expired Launches/sec 9. Expired Registrations 10. Expired Registration/sec...
MS17-017: Security Update for Windows Kernel (4013081)
The remote Windows host is missing a security update. It is, therefore, affected by multiple elevation of privilege vulnerabilities : - An elevation of privilege vulnerability exists in the Windows Kernel API due to improper enforcement of permissions. A local attacker can exploit this, via a...
cics-info NSE Script
Using the CICS transaction CEMT, this script attempts to gather information about the current CICS transaction server region. It gathers OS information, Datasets files, transactions and user ids. Based on CICSpwn script by Ayoub ELAASSAL. Script Arguments cics-info.trans Instead of gathering all...
CVE-2016-9051
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can...
No Transaction Logs Truncated After Backup of Exchange DAG Passive Node
Article Applicability This article documents a niche issue caused by changes being made to the Exchange configuration. Challenge This article is specific to a scenario where all of the following are true: Microsoft Exchange transaction logs are not truncated after the backup completes. The...
VeeamONE SQL Database Log File (ldf) Growth
Challenge The transaction log file .ldf for the Veeam ONE configuration database VeeamONE consumes an unexpectedly large amount of disk space. Cause This occurs when the Recovery Model of the VeeamONE configuration database is set to Full or Bulk-Logged. Note: By default, Veeam ONE expects and...