Lucene search
K

111 matches found

ATTACKERKB
ATTACKERKB
added 2017/08/02 12:0 a.m.38 views

CVE-2017-9769

A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. Recent assessments: zeroSteiner at November 21, 2019 11:14pm UTC reported: Analysis The Razer rzpnk.sys driver...

10CVSS0.3AI score0.85539EPSS
Exploits5References4
Packet Storm
Packet Storm
added 2017/07/22 12:0 a.m.118 views

Razer Synapse rzpnk.sys ZwOpenProcess

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/windowskernel' require 'rex' require 'metasm' class MetasploitModule 'Razer Synapse rzpnk.sys ZwOpenProcess', 'Description' = %q A...

0.85539EPSS
Exploits5
Metasploit
Metasploit
added 2017/07/10 8:57 p.m.54 views

Razer Synapse rzpnk.sys ZwOpenProcess

A vulnerability exists in the latest version of Razer Synapse v2.20.15.1104 as of the day of disclosure which can be leveraged locally by a malicious application to elevate its privileges to those of NTAUTHORITY\SYSTEM. The vulnerability lies in a specific IOCTL handler in the rzpnk.sys driver th...

9.8CVSS0.2AI score0.85539EPSS
Exploits5
exploitpack
exploitpack
added 2015/09/15 12:0 a.m.20 views

Microsoft Windows 10 (Build 10130) - User Mode Font Driver Thread Permissions Privilege Escalation

Microsoft Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation Source: https://code.google.com/p/google-security-research/issues/detail?id=468 Windows: User Mode Font Driver Thread Permissions EoP Platform: Windows 10 Build 10130 Class: Elevation of Privilege...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2015/09/15 12:0 a.m.49 views

Microsoft Windows 10 (Build 10130) - User Mode Font Driver Thread Permissions Privilege Escalation

Source: https://code.google.com/p/google-security-research/issues/detail?id=468 Windows: User Mode Font Driver Thread Permissions EoP Platform: Windows 10 Build 10130 Class: Elevation of Privilege Summary: The host process for the UMFD runs as a normal user but with a heavily restrictive process...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

MS Windows XP/2000/NT 4 NetDDE Privilege Escalation Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/5927/info The Winlogon NetDDE Agent can be leveraged to allow local privilege escalation. This is related to the Microsoft Windows Window Message Subsystem Design Error Vulnerability BID 5408. A local user can use a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Windows NT 4.0 - Remote Registry Request Dos Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1331/info In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 can crash due to winlogon.exe's inability to process specially malformed remote registry requests. Rebooting...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/10/25 12:0 a.m.23 views

Microsoft Windows AutoRuns Winlogon

Binary data windowsautorunswinlogon.nbin...

7.3AI score
Exploits0References15
Metasploit
Metasploit
added 2011/07/30 6:50 p.m.57 views

Windows Capture Winlogon Lockout Credential Keylogger

This module migrates and logs Microsoft Windows user's passwords via Winlogon.exe using idle time and natural system changes to give a false sense of security to the user. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...

7.3AI score
Exploits0
myhack58
myhack58
added 2010/02/17 12:0 a.m.98 views

By injecting the Winlogon process intercepts the system password-vulnerability warning-the black bar safety net

Komaki original article, reproduced please indicate the source. Thank you. http://blog.hack.la QQ: 4 2 8 9 0 3 0 A. Winlogon. exe is a prerequisite for the user login process, and. We will now be through DLL injection, to achieve the intercepted system login user name and password and other...

8.1AI score
Exploits0
myhack58
myhack58
added 2007/10/06 12:0 a.m.14 views

About the winlogon process stored in the current user's password problems-vulnerability warning-the black bar safety net

Look at this post before, I was wondering, why I used findpass of the time, sometimes you can find an administrator password, sometimes not? See this post later, slightly understand the point to ------------------------------ The following is from the focus of the post: Q: everyone knows you can...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.29 views

Microsoft Windows用户配置文件权限提升漏洞(MS06-051)

Microsoft Windows是微软发布的非常流行的操作系统。 Windows的Winlogon在处理用户配置文件时存在漏洞,本地攻击者可能利用此漏洞提升自己在系统中的权限。 在Windows 2000上,Winlogon允许使用无效的路径。如果禁用了SafeDllSearchMode的话,并将特制的DLL置于UserProfile目录中,WinLogon就可能执行DLL代码,从而导致用户的权限提升。 Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows Server 2003 SP1 Microsof...

7.5AI score
Exploits0
myhack58
myhack58
added 2006/10/06 12:0 a.m.39 views

Ginwui back door program analysis-vulnerability warning-the black bar safety net

This year 5 month 1 9 day CVE release number for the CVE-2 0 0 6-2 4 9 2 security bulletins, Microsoft Word processing DOC file there is a buffer overflow vulnerability, and Microsoft Word to run the special structure of the doc file, resulting in arbitrary code execution. A remote attacker could...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2006/09/22 12:0 a.m.44 views

Multiple Windows kernel security vulnerabilities

Buffer overflow vulnerability allows privilege escalation, WinLogon user profile DLL privilege escalation, unhandled exception code execution vulnerability...

3.5AI score
Exploits0References2
CERT
CERT
added 2006/08/10 12:0 a.m.57 views

Microsoft Windows Kernel vulnerable to privilege escalation

Overview Microsoft Windows contains a privilege escalation vulnerability that could allow an authenticated, local attacker to gain complete control of the affected system. Description Winlogon is the component of Microsoft Windows responsible for interactive, security related functions. Upon logo...

7.2CVSS6.6AI score0.01659EPSS
Exploits0References2
NVD
NVD
added 2006/08/09 1:4 a.m.26 views

CVE-2006-3443

Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMode is disabled, allows local users to gain privileges via a malicious DLL in the UserProfile directory, aka "User Profile Elevation of Privilege Vulnerability."...

7.2CVSS6.5AI score0.01659EPSS
Exploits0References7
CVE
CVE
added 2006/08/09 1:0 a.m.54 views

CVE-2006-3443

CVE-2006-3443 affects Windows 2000 SP4 with Winlogon vulnerable to a User Profile Elevation of Privilege when SafeDllSearchMode is disabled. A local attacker can place a malicious DLL in the UserProfile directory to execute code with SYSTEM-level privileges after logon, as described in Microsoft ...

7.2CVSS6.5AI score0.01659EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/08/09 1:0 a.m.31 views

CVE-2006-3443

Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMode is disabled, allows local users to gain privileges via a malicious DLL in the UserProfile directory, aka "User Profile Elevation of Privilege Vulnerability."...

6.5AI score0.01659EPSS
Exploits0References7
myhack58
myhack58
added 2005/10/23 12:0 a.m.22 views

How to in Windows 2 0 0 3 to give the login password-vulnerability warning-the black bar safety net

In all NT systems, there are several ways you can get the login user's password. I know of three methods can achieve the purpose. 1. hook the winlogon in the several function, the Internet also has this type ofprogram, called winlogonhijack items in the rootkit. com has to offer, but that project...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/03/24 12:0 a.m.903 views

Microsoft Windows SMB Registry : Winlogon Cached Password Weakness

The registry key 'HKLM\Software\Microsoft\WindowsNT\CurrentVersion\ Winlogon\CachedLogonsCount' is not 0. Using a value greater than 0 for the CachedLogonsCount key indicates that the remote Windows host locally caches the passwords of the users when they login, in order to continue to allow the...

5.6AI score
Exploits0References3
Rows per page
Query Builder