EUVD-2019-3075

Malware in sbrugna...

SharpWebServer - HTTP And WebDAV Server With Net-NTLM Hashes Capture Functionality

A Red Team oriented simple HTTP & WebDAV server written in C with functionality to capture Net-NTLM hashes. To be used for serving payloads on compromised machines for lateral movement purposes. Requires .NET Framework 4.5 and System.Net and System.Net.Sockets references. Usage :: SharpWebServer ...

Design/Logic Flaw

GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 when used with .NET Framework 4.5 allows Local File Inclusion via the FileDesc parameter...

CVE-2019-11397

GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 when used with .NET Framework 4.5 allows Local File Inclusion via the FileDesc parameter...

CVE-2019-11397

The CVE-2019-11397 issue affects Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 when used with .NET Framework 4.5. The GetFile.aspx handler exposes a Local File Inclusion (LFI) vulnerability via the FileDesc parameter, enabling an attacker to access local files. Impact is documented as ...

PT-2019-12282 · Microsoft +1 · .Net Framework +1

Name of the Vulnerable Software and Affected Versions: Rapid4 RapidFlows Enterprise Application Builder version 4.5M.23 Description: The issue allows for Local File Inclusion via the FileDesc parameter in the GetFile.aspx file. This can be exploited when the software is used with .NET Framework...

Update Veeam MP Core Services to Support TLS 1.2 Protocol

Challenge Starting with vSphere 6.5, the TLS protocol version 1.2 is enabled by default. Cause To allow Veeam Virtualization Extensions Service and Veeam VMware Collectors to connect to vCenter Servers that use the TLS 1.2 protocol, you must update Veeam MP core services. Solution NOTE: The...

Microsoft Identity Model Extensions Token Signing Verification Privilege Escalation Vulnerability

Description Microsoft Identity Model Extensions is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft .NET Framework 4.5 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.2 Microsoft...

MS12-074: Description of the security update for the .NET Framework 4.5 on Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Vista Service Pack 2, and Windows Server 2008 Service Pack 2: November 13, 2012

MS12-074: Description of the security update for the .NET Framework 4.5 on Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Vista Service Pack 2, and Windows Server 2008 Service Pack 2: November 13, 2012 View products that this article applies to.Microsoft has released the...

Update Rollup 3 for Windows Small Business Server 2011 Standard is available

Update Rollup 3 for Windows Small Business Server 2011 Standard is available Summary Update Rollup 3 for Windows Small Business Server 2011 Standard is now available. This update rollup contains all the updates that were included in the previous update rollup. Additionally, this update fixes the...

MS15-101: Description of the security update for the .NET Framework 4.5, 4.5.1, and 4.5.2 on Windows 8, Windows RT, and Windows Server 2012: September 8, 2015

MS15-101: Description of the security update for the .NET Framework 4.5, 4.5.1, and 4.5.2 on Windows 8, Windows RT, and Windows Server 2012: September 8, 2015 View products that this article applies to. Summary This update resolves vulnerabilities in the Microsoft .NET Framework that could allow...

MS13-052: Description of the security update for the .NET Framework 4.5 on Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: July 9, 2013

MS13-052: Description of the security update for the .NET Framework 4.5 on Windows Vista Service Pack 2, Windows Server 2008 Service Pack 2, Windows 7 Service Pack 1, and Windows Server 2008 R2 Service Pack 1: July 9, 2013 View products that this article applies to. August 13, 2013 This security...

Design/Logic Flaw

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4....

Microsoft .NET Framework Remote Code Execution Vulnerabilities (3078662)

This host is missing a critical security update according to Microsoft Bulletin MS15-080. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS14-053: Vulnerability in .NET Framework Could Allow Denial of Service (2990931)

The remote Windows host has a version of the Microsoft .NET Framework that is affected by a vulnerability that allows a remote attacker to cause a denial of service by sending specially crafted requests to an ASP.NET web application running on the affected system. Note that ASP.NET is not install...

Security Update for Microsoft .NET Framework 4.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2833958)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

CVE-2013-1337

Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation WCF endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka...

CVE-2013-1337

Microsoft .NET Framework 4.5 does not properly create policy requirements for custom Windows Communication Foundation WCF endpoint authentication in certain situations involving passwords over HTTPS, which allows remote attackers to bypass authentication by sending queries to an endpoint, aka...

Security Update for Microsoft .NET Framework 4.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2789649)

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...