Microsoft Windows RRAS Service MIBEntryGet Overflow Exploit

This Metasploit module exploits an overflow in the Windows Routing and Remote Access Service RRAS to execute code as SYSTEM. The RRAS DCERPC endpoint is accessible to unauthenticated users via SMBv1 browser named pipe on Windows Server 2003 and Windows XP hosts; however, this module targets Windo...

CVE-2017-8461

creationtimestamp| type| source ---|---|--- 2021-03-05 10:08:41+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/smbrraserraticgopher.rb 2024-10-14 21:44:46+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/508 2025-02-06...

Microsoft Windows RRAS Service MIBEntryGet Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows RRAS Service MIBEntryGet Overflow', 'Description' = %q This module exploits an overflow in the Windows Routing and Remote Acces...

CVE-2017-8461

Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution Vulnerability."...

CVE-2017-8461

CVE-2017-8461 affects Windows XP and Windows Server 2003, enabling remote code execution through the RRAS service. The vulnerability is a MIBEntryGet/overflow in RRAS’s DCERPC endpoint, exploitable via a crafted application and unauthenticated access on affected OS versions. Public details note e...

KLA11056 Multiple arbitrary code execution vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows XP and Microsoft Windows Server 2003. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. An improper validation of user input in Windows OLE can be...

Microsoft Security Advisory 4025685: Guidance for older platforms (XP / 2003) (EXPLODINGCAN)

The remote Windows host is missing a security update. It is, therefore, affected by one or more of the following vulnerabilities : - A remote code execution vulnerability exists in how the Remote Desktop Protocol RDP handles requests if the RDP server has Smart Card authentication enabled. An...

Microsoft Windows RPC CVE-2017-8461 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows Server 2003 Microsoft Windows...