Lucene search
+L

121 matches found

nessus
nessus
added 2016/06/14 12:0 a.m.587 views

MS16-077: Security Update for WPAD (3165191)

The remote Windows host is missing a security update. It is, therefore, affected by multiple elevation of privilege vulnerabilities : - An elevation of privilege vulnerability exists in the Web Proxy Auto Discovery WPAD protocol due to improper handling of the proxy discovery process. A remote...

10CVSS6.9AI score0.77658EPSS
Exploits2References4
nessus
nessus
added 2016/05/26 12:0 a.m.14 views

Leaked DNS Query Detection - WPAD Proxy Request

Binary data 7202.pasl...

7.3AI score
Exploits0References2
nessus
nessus
added 2016/05/25 12:0 a.m.12 views

DNS 'WPAD' Lookup Detection

Binary data 9270.prm...

7.3AI score
Exploits0References2
saint
saint
added 2013/09/30 12:0 a.m.33 views

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

0.3AI score
Exploits0
saint
saint
added 2013/09/30 12:0 a.m.38 views

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

0.7AI score
Exploits0
saint
saint
added 2013/09/30 12:0 a.m.27 views

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

0.3AI score
Exploits0
saint
saint
added 2013/09/30 12:0 a.m.33 views

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

0.3AI score
Exploits0
saint
saint
added 2013/09/30 12:0 a.m.22 views

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

0.7AI score
Exploits0
saint
saint
added 2013/09/30 12:0 a.m.28 views

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

0.3AI score
Exploits0
seebug
seebug
added 2012/11/19 12:0 a.m.38 views

Microsoft .NET Framework 远程代码执行漏洞(MS12-074)

BUGTRAQ ID: 56463 CVE ID: CVE-2012-4776 .NET就是微软的用来实现XML,Web Services,SOA(面向服务的体系结构service-oriented architecture)和敏捷性的技术。.NET Framework是微软开发的软件框架,主要运行在Microsoft Windows上。 Microsoft .NET Framework 2.0 SP2、3.5、3.5.1、4、4.5内的WPAD功能没有验证获取代理设置过程中返回的配置数据,通过在执行XAML浏览器应用或.NET...

9.3CVSS6.9AI score0.24755EPSS
Exploits1
nvd
nvd
added 2012/11/14 12:55 a.m.24 views

CVE-2012-4776

The Web Proxy Auto-Discovery WPAD functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitrary JavaScript code by providing crafted data duri...

9.3CVSS7.2AI score0.24755EPSS
Exploits1References7
prion
prion
added 2012/11/14 12:55 a.m.22 views

Design/Logic Flaw

The Web Proxy Auto-Discovery WPAD functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitrary JavaScript code by providing crafted data duri...

9.3CVSS7.8AI score0.24755EPSS
Exploits1References7Affected Software1
cvelist
cvelist
added 2012/11/14 12:0 a.m.31 views

CVE-2012-4776

The Web Proxy Auto-Discovery WPAD functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitrary JavaScript code by providing crafted data duri...

7.2AI score0.24755EPSS
Exploits1References7
cve
cve
added 2012/11/14 12:0 a.m.109 views

CVE-2012-4776

The CVE-2012-4776 issue is the WPAD-related remote code execution in Microsoft .NET Framework (versions 2.0 SP2, 3.5, 3.5.1, 4, 4.5). The vulnerability arises because WPAD data returned during proxy settings acquisition is not validated, allowing a crafted data input during XBAP or .NET Framework...

9.3CVSS7.3AI score0.24755EPSS
Exploits1References7Affected Software1
metasploit
metasploit
added 2012/10/21 3:25 a.m.48 views

Windows Gather Proxy Setting

This module pulls a user's proxy settings. If neither RHOST or SID are set it pulls the current user, else it will pull the user's settings for the specified SID and target host. This module requires Metasploit: https://metasploit.com/download Current source:...

7.3AI score
Exploits0
metasploit
metasploit
added 2012/07/01 1:57 a.m.16 views

WPAD.dat File Server

This module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in combination with DNS attacks or the 'NetBIOS Name Service Spoofer' module. Please remember as the server will be running by default on TCP port 80 you will need the required privileges to open that...

0.2AI score
Exploits0
nmap
nmap
added 2011/12/29 2:43 p.m.187 views

broadcast-wpad-discover NSE Script

Retrieves a list of proxy servers on a LAN using the Web Proxy Autodiscovery Protocol WPAD. It implements both the DHCP and DNS methods of doing so and starts by querying DHCP to get the address. DHCP discovery requires nmap to be running in privileged mode and will be skipped when this is not th...

10CVSS0.1AI score0.99448EPSS
Exploits33
threatpost
threatpost
added 2009/06/09 5:19 p.m.12 views

Inside Patch Tuesday: MS patches IIS WebDav, PWN2OWN flaws

Microsoft released 10 security bulletins today. Six of the bulletins impact the Windows operating system, while one applies to the Internet Explorer browser and three affects Microsoft Office Word, Excel, Works. Some interesting notes for today: 1. Microsoft has patched the IIS WebDav 0-day. This...

0.9AI score
Exploits0References4
nvd
nvd
added 2009/03/11 2:19 p.m.25 views

CVE-2009-0094

The WINS server in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 does not restrict registration of the 1 "wpad" and 2 "isatap" NetBIOS names, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery WPAD and Intra-Site Automatic Tunnel Addressing Protocol ISATAP...

5.5CVSS6AI score0.23461EPSS
Exploits1References10
nvd
nvd
added 2009/03/11 2:19 p.m.24 views

CVE-2009-0093

Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when dynamic updates are enabled, does not restrict registration of the "wpad" hostname, which allows remote authenticated users to hijack the Web Proxy Auto-Discovery WPAD feature, and conduct...

3.5CVSS6AI score0.1702EPSS
Exploits1References11
Rows per page
Query Builder