CVE-2026-32631

Git for Windows prior to 2.53.0.windows.3 is affected by an information disclosure vulnerability where an attacker can induce a user to clone a malicious repository or checkout a malicious branch that communicates with an attacker-controlled server, allowing extraction of the user’s NTLM hash. Th...

Dynatrace OneAgent 安全漏洞

Dynatrace OneAgent is an intelligent agent program from Dynatrace, Inc. A security vulnerability exists in Dynatrace OneAgent versions prior to 1.325.47, which stems from the fact that the agent retrieves every user token on a machine and attempts to access a network share when it receives a...

Apache HTTP Server 安全漏洞

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A cross-site request forgery vulnerability exists in Apache HTTP Server, which can be exploited by an attacker to cause NTLM hash...

CVE-2025-59244 NTLM Hash Disclosure Spoofing Vulnerability

...

EUVD-2002-1934

Malware in sbrugna...

CVE-2002-1955

Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack...

samba: out-of-bounds read in winbind AUTH_CRAP

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbinddpamauthcrap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manage...

tcpdump: Buffer over-read in print_trans() function in print-smb.c

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

Denial Of Service (DoS)

The SMB parser in tcpdump is vulnerable to denial of service. A buffer over-read in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN allows an attacker to crash the application...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

DEBIAN-CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

ALPINE-CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

CVE-2018-16451

CVE-2018-16451 is a buffer over-read in tcpdump's SMB parser (print-smb.c:print_trans) for SMB slots; Debian/AlmaLinux advisories show it alongside other tcpdump issues fixed by upgrading to tcpdump 4.9.3 (and libpcap 1.9.1). The available connected documents confirm the vulnerability and the fix...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

UBUNTU-CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

Password Cracker: Windows

This module uses John the Ripper or Hashcat to identify weak passwords that have been acquired from Windows systems. LANMAN is format 3000 in hashcat. NTLM is format 1000 in hashcat. MSCASH is format 1100 in hashcat. MSCASH2 is format 2100 in hashcat. NetNTLM is format 5500 in hashcat. NetNTLMv2 ...

John the Ripper Windows Password Cracker (Fast Mode)

This module uses John the Ripper to identify weak passwords that have been acquired as hashed files loot or raw LANMAN/NTLM hashes hashdump. The goal of this module is to find trivial passwords in a short amount of time. To crack complex passwords or use large wordlists, John the Ripper should be...