46 matches found
Microsoft Windows: Enable insecure guest logons
This test checks the setting for policy OpenVAS Vulnerability Test $Id: wininsecureguestlogons.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Enable insecure guest logons Authors: Emanuel Moss Copyright: Copyright (c) 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is...
John the Ripper Password Cracker (Fast Mode)
This module uses John the Ripper to identify weak passwords that have been acquired as hashed files (loot) or raw LANMAN/NTLM hashes (hashdump). The goal of this module is to find trivial passwords in a short amount of time. To crack complex passwords or use large wordlists, John the Ripper should be...
Microsoft Windows NT <= 4.0 SP5, Terminal Server 4.0 "Pass the Hash" with Modified SMB Client Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/233/info A modified SMB client can mount shares on an SMB host by passing the username and corresponding LanMan hash of an account that is authorized to access the host and share. The modified SMB client removes the need...
Microsoft Windows 2000 Lanman Denial of Service Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/4532/info An issue has been discovered in Windows 2000, which could cause a denial of system services. Submitting malformed data to port 445 could cause the Lanman service to consume high CPU and Kernel mode memory usage...
Microsoft Windows 2000 Lanman Denial of Service Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/4532/info An issue has been discovered in Windows 2000, which could cause a denial of system services. Submitting malformed data to port 445 could cause the Lanman service to consume high CPU and Kernel mode memory usage....
smb-print-text NSE Script
Attempts to print text on a shared printer by calling Print Spooler Service RPC functions. In order to use the script, at least one printer needs to be shared over SMB. If no printer is specified, script tries to enumerate existing ones by calling LANMAN API which might not be always available...
smb-vuln-ms10-061 NSE Script
Tests whether target machines are vulnerable to ms10-061 Printer Spooler impersonation vulnerability. This vulnerability was used in Stuxnet worm. The script checks for the vuln in a safe way without a possibility of crashing the remote system as this is not a memory corruption vulnerability. In...
Windows Gather SMB Share Enumeration via Registry
This module will enumerate configured and recently used file shares. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather SMB Share Enumeration via Registry', 'Description' = %q This...
SMB Negotiate SMB2 Dialect Corruption
This module sends a series of SMB negotiate requests that advertise a SMB2 dialect with corrupted bytes. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Negotiate SMB2 Dialect Corruption',...
Multiple Printer Providers (Spooler Service) - Local Privilege Escalation
/Private exploit- internal use only Title: Universal exploit for vulnerable printer providers spooler service. Vulnerability: Insecure EnumPrintersW calls Author: Andres Tarasco Acuña - [email protected] Website: http://www.514.es This code should allow to gain SYSTEM privileges with the following...
Sun Solaris PC Netlink symbolic links problem
"/opt/lanman/sbin/slsmgr" and "/etc/init.d/slsadmin" symbolic links problem...
CVE-2002-1955
Technical details (affected products, versions, root cause, or fixes) are not publicly provided in the supplied documents. Monitor for updates.
CVE-2002-1955
Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack...
CVE-2001-1451
CVE-2001-1451 describes a memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3. When the Print Spooler is not running, remote attackers can trigger a denial of service by issuing a large number of GET or GETNEXT requests, leading to memory consumption. ...
Lanman workstation buffer overflow
Buffer overflow during service network messages processing...
CVE-2002-0597
The CVE-2002-0597 entry concerns Microsoft Windows 2000 where the LANMAN service, enabled by default, processes malformed data sent to port 445 (microsoft-ds). The root cause is that malformed packets exhaust kernel memory/resources, leading to denial of service and degraded or failing system beh...
CVE-2002-0597
LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445...
Microsoft Windows Server 2000 - Lanman Denial of Service (2)
Microsoft Windows Server 2000 - Lanman Denial of Service 2 source: https://www.securityfocus.com/bid/4532/info An issue has been discovered in Windows 2000, which could cause a denial of system services. Submitting malformed data to port 445 could cause the Lanman service to consume high CPU and...
Microsoft Windows Server 2000 - Lanman Denial of Service (2)
source: https://www.securityfocus.com/bid/4532/info An issue has been discovered in Windows 2000, which could cause a denial of system services. Submitting malformed data to port 445 could cause the Lanman service to consume high CPU and Kernel mode memory usage...