15 matches found
📄 FIFOFox: Windows Named-Pipe Weak Permission and Access Control Validation
This C-based framework analyzes Windows named pipes for insecure permission configurations and weak access controls that could introduce privilege boundary issues. The code collects metadata about target pipes, inspects security descriptors and DACL configurations, checks for potentially unsafe...
CVE-2025-6723 Untrusted user data can lead to privilege escalation
Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and exploit the insufficient access restrictions to assume the InSpec execution context, potentially...
CVE-2025-6723 Untrusted user data can lead to privilege escalation
Chef InSpec versions up to 5.23 and before 7.0.107 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and exploit the insufficient access restrictions to assume the InSpec execution context, potentially...
CVE-2024-50591
An attacker with local access the to medical office computer can escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by exploiting a command injection vulnerability in the Elefant Update Service. The command injection can be exploited by communicating with the Elefant Update Service whi...
PT-2024-34346 · Elefant +1 · Elefant Software Updater +1
Name of the Vulnerable Software and Affected Versions: Elefant Software Updater ESU affected versions not specified Description: An attacker with local access to a medical office computer can escalate their Windows user privileges to "NT AUTHORITYSYSTEM" by exploiting a command injection...
SUSE CVE-2024-27308
Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. For some...
AZL-61991 CVE-2024-27308 affecting package tardev-snapshotter 3.2.0.tardev1-6
Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. For some...
AZL-35748 CVE-2024-27308 affecting package rpm-ostree for versions less than 2024.4-1
Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. For some...
Tokens for named pipes may be delivered after deregistration
Impact When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. For some applications, invalid tokens may be...
PT-2024-21810
Name of the Vulnerable Software and Affected Versions mio versions 0.7.2 through 0.8.10 Tokio versions 1.30.0 and later, when used with a vulnerable version of mio Description The issue occurs when using named pipes on Windows, where mio may return invalid tokens corresponding to named pipes that...
PipeViewer - A Tool That Shows Detailed Information About Named Pipes In Windows
A GUI tool for viewing Windows Named Pipes and searching for insecure permissions. The tool was published as part of a research about Docker named pipes: "Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1" "Breaking Docker Named Pipes SYSTEMatically: Docker...
Tokio 安全漏洞
Tokio is a software library for the Rust programming language. It provides runtime and enabled asynchronous I / O functionality, thus allowing concurrency related to task completion. Tokio suffers from a security vulnerability that stems from its configuration of the Windows Named Pipes Server,...
CVE-2022-32230
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death BSOD crash of the Windows kernel. For most...
PT-2020-17051 · Mariadb Foundation +4 · Mariadb +3
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
ms-sql-info NSE Script
Attempts to determine configuration and version information for Microsoft SQL Server instances. SQL Server credentials required: No will not benefit from mssql.username & mssql.password. Run criteria: Host script: Will always run. Port script: N/A NOTE: Unlike previous versions, this script will...