369 matches found
Go-Secdump - Tool To Remotely Dump Secrets From The Windows Registry
Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as well as LSA secrets and cached hashes from the SECURITY hive without any remote agent and without touching disk. The tool is built on top of the library go-smb and use it to communicate with the Windows...
Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses
Microsoft on Monday confirmed its plans to deprecate NT LAN Manager NTLM in Windows 11 in the second half of the year, as it announced a slew of new security measures to harden the widely-used desktop operating system. "Deprecating NTLM has been a huge ask from our security community as it will...
Metasploit Weekly Wrap-Up 05/03/24
Dump secrets inline This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets and cached credentials. The module is now directly reading the Windows Registry remotely without...
Buffer Overflow
libfrr.so is vulnerable to Buffer Overflow. The vulnerability is due to inadequate validation of lengths in Segment Routing Adjacency SID subTLVs within OSPF LSA packets during the parsing process, which could result in a Denial of Service...
Buffer Overflow
libfrr.so is vulnerable to Buffer Overflow. The vulnerability is due to inadequate validation of the size of Segment Routing subTLVs in ospfteparseri function within ospfte.c. An attacker can trigger this vulnerability by crafting OSPF LSA packets with maliciously crafted Segment Routing subTLVs...
CVE-2024-26209
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability...
CVE-2024-26209
CVE-2024-26209 affects Microsoft Windows Local Security Authority Subsystem Service (LSASS). The entry describes an information disclosure vulnerability in LSASS, with a CVSS 3.1 base score of 5.5 (Medium), attack vector Local, privileges required Low, user interaction None, and a confidentiality...
CVE-2024-31951
A buffer overflow vulnerability was found in FRRouting. There can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs. Mitigation Mitigation for this issue is either not available or the currently availab...
CVE-2024-31950
A buffer overflow vulnerability was found in FRRouting. There can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs. Mitigation Mitigation for this issue is either not available or the currently available options don't me...
CVE-2024-31951
In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs lengths are not validated...
CVE-2024-31950
In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...
AZL-39815 CVE-2024-31951 affecting package frr for versions less than 8.5.5-1
In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs lengths are not validated...
DEBIAN-CVE-2024-31950
In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...
PT-2024-6034 · Frrouting +5 · Frrouting +5
Name of the Vulnerable Software and Affected Versions: FRRouting versions through 9.1 Description: The issue is related to a buffer overflow and daemon crash in the ospf te parse ri function for OSPF LSA packets during an attempt to read Segment Routing subTLVs, whose size is not validated. This...
CVE-2024-31951
In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs lengths are not validated...
CVE-2024-31951
In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs lengths are not validated...
CVE-2024-31951
In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs lengths are not validated...
CVE-2024-31951
FRRouting FRR in versions up to 9.1 is affected by CVE-2024-31951 due to a bug in the Opaque LSA Extended Link parser (ospf_te_parse_ext_link) that can trigger a buffer overflow and daemon crash while reading Segment Routing Adjacency SID subTLVs because lengths are not validated. Exploitation st...
CVE-2024-31950
In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...
frr - Multiple vulnerabilities
[email protected] reports: In FRRouting FRR through 9.1, there are multiples vulnerabilities. CVE-2024-31950: buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets CVE-2024-31951: buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets...