Lucene search
+L

162 matches found

ThreatPost
ThreatPost
added 2020/03/04 5:48 p.m.37 views

Microsoft OneNote Used To Sidestep Phishing Detection

A phishing campaign was recently discovered leveraging OneNote, Microsoft’s digital notebook that automatically saves and syncs notes, to bypass detection tools and download malware onto victims’ systems. The attacker was utilizing OneNote as a way to easily experiment with various lures that...

6.9AI score
Exploits0References11
Penetration Testing Lab
Penetration Testing Lab
added 2020/01/22 11:12 a.m.48 views

Persistence – Modify Existing Service

It is not uncommon for APT Groups to modify an existing service on the compromised host in order to execute an arbitrary payload when the… Continue reading - Persistence - Modify Existing Service...

5AI score
Exploits0
OSV
OSV
added 2019/05/08 3:30 p.m.5 views

CVE-2018-5409

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the...

9.8CVSS5.8AI score0.01077EPSS
Exploits0References2
Kitploit
Kitploit
added 2018/08/06 10:39 p.m.30 views

Remote Desktop Caching - Tool To Recover Old RDP (mstsc) Session Information In The Form Of Broken PNG Files

This tool allows one to recover old RDP mstsc session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an...

6.9AI score
Exploits0References2
NVD
NVD
added 2018/06/17 4:29 p.m.21 views

CVE-2018-12332

Incomplete Cleanup vulnerability in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset...

4.2CVSS4.5AI score0.00175EPSS
Exploits0References1
Prion
Prion
added 2018/06/17 4:29 p.m.19 views

Input validation

Incomplete Cleanup vulnerability in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset...

1.9CVSS4.6AI score0.00175EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/06/17 4:29 p.m.7 views

CVE-2018-12332

Incomplete Cleanup vulnerability in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset...

4.2CVSS5.8AI score0.00175EPSS
Exploits0References1
rapid7community
rapid7community
added 2017/05/18 7:59 p.m.27 views

Recent Python Meterpreter Improvements

The Python Meterpreter has received quite a few improvements this year. In order to generate consistent results, we now use the same technique to determine the Windows version in both the Windows and Python instances of Meterpreter. Additionally, the native system language is now populated in the...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2017/05/11 4:1 a.m.61 views

Multi Manage Network Route via Meterpreter Session

This module manages session routing via an existing Meterpreter session. It enables other modules to 'pivot' through a compromised host when connecting to the named NETWORK and SUBMASK. Autoadd will search a session for valid subnets from the routing table and interface list then add routes to...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2017/04/28 12:0 a.m.24 views

Logrhythm Network Monitor Multiple Vulnerabilities

Logrhythm Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2014/10/21 12:0 a.m.26 views

FreeBSD -- rtsold(8) remote buffer overflow vulnerability

Problem Description: Due to a missing length check in the code that handles DNS parameters, a malformed router advertisement message can result in a stack buffer overflow in rtsold8. Impact: Receipt of a router advertisement message with a malformed DNSSL option, for instance from a compromised...

10CVSS6.9AI score0.0394EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/04/07 12:0 a.m.2 views

PHP JavaScript Website Redirection

A website redirection vulnerability has been reported in PHP. A remote attacker can exploit this vulnerability to load and run a malicious file served from a second compromised host...

1.1AI score
Exploits0
F5 Networks
F5 Networks
added 2010/06/18 12:0 a.m.31 views

SOL11719 - Mitigating risk from SSH brute force login attacks

Vulnerability Description F5 products and versions that are affected by this Security Advisory F5 Product Development has determined that all products and versions are affected by the issue described in this security advisory. Note: For information about signing up to receive security notice...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/06/06 12:0 a.m.20 views

SecurityGateway < 1.0.2 Administration Interface username Field Remote Overflow

The remote host is running Alt-N's SecurityGateway for Exchange/SMTP, an email spam firewall for Exchange and SMTP servers. The version of SecurityGateway installed on the remote host is earlier than 1.0.2. Such versions are reportedly affected by a buffer overflow that can be triggered using a...

10CVSS6.2AI score0.74612EPSS
Exploits8References3
Tenable Nessus
Tenable Nessus
added 2008/03/05 12:0 a.m.29 views

activePDF Server < 3.8.6 Packet Handling Remote Overflow

activePDF Server is installed on the remote host. It is used to provide PDF generation and conversion from within enterprise and web applications. The version of activePDF Server installed on the remote host contains a heap-based buffer overflow that can be triggered by sending a packet specifyin...

7.5CVSS6.3AI score0.02872EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.9 views

URCS Server Detection

This host appears to be running URCS Server. Unmanarc Remote Control Server can be used/installed silent as a SPDX-FileCopyrightText: 2005 J.Mlodzianowski Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.3AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/05/29 12:0 a.m.20 views

IRC Bot Detection

This host seems to be running an ident server, but before any request is sent, the server gives an answer about a connection to port 6667. It is very likely this system has been compromised by an IRC bot and is now a 'zombie' that can participate in 'distributed denial of service' DDoS attacks...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/28 12:0 a.m.57 views

IRC Bot ident Server Detection

This host seems to be running an ident server, but the ident server responds to an empty query with a random userid. This behavior may be indicative of an IRC bot, worm and/or virus infection. It is very likely this system has been compromised. IRC bot ident server detection Created: 9/22/04 Last...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/10/13 12:0 a.m.40 views

Wollf Backdoor Detection

This host appears to be running Wollf on this port. Wollf Can be used as a Backdoor which allows an intruder gain remote access to files on your computer. If you did not install this program for remote management then this host may be compromised. An attacker may use it to steal your passwords, o...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2003/06/11 12:0 a.m.110 views

Bugbear.B Worm Detection

The BugBear.B backdoor appears to be listening on this port. An attacker may connect to it to retrieve secret information such as passwords, credit card numbers, etc. The BugBear.B worm includes a keylogger and can kill antivirus and firewall software. It propagates through email and open Windows...

5.5AI score
Exploits0
Rows per page
Query Builder