558 matches found
SMBLoris NBSS Denial of Service
!/usr/bin/env ruby require 'socket' require 'metasploit' require 'bindata' class NbssHeader ' , date: '2017-06-29', references: type: 'url', ref: 'https://web.archive.org/web/20170804072329/https://smbloris.com/' , type: 'aka', ref: 'SMBLoris' , type: 'dos', options: rhost: type: 'address',...
NetBIOS Response BadTunnel Brute Force Spoof (NAT Tunnel)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response "BadTunnel" Brute Force Spoof NAT Tunnel', 'Description' = %q This module listens for a NetBIOS name request and then continuous...
WPAD.dat File Server
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WPAD.dat File Server', 'Description' = %q This module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in...
SUSE CVE-1999-0810
Denial of service in Samba NETBIOS name service daemon nmbd...
DL1 bug fix and enhancement update
An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...
MacOS NetBIOS Identity Information
Binary data macosxnetbiosinfo.nbin...
CVE-2023-49713
Denial-of-service DoS vulnerability exists in NetBIOS service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service DoS condition may occur...
Race condition
Denial-of-service DoS vulnerability exists in NetBIOS service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service DoS condition may occur...
CVE-2023-49713
Denial-of-service DoS vulnerability exists in NetBIOS service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-service DoS condition may occur...
CVE-2023-49713
The CVE-2023-49713 issue is a DoS vulnerability in the NetBIOS service of the HMI GC-A2 series. A remote unauthenticated attacker can cause a DoS by sending specially crafted packets to specific ports. Affected products include JTEKT ELECTRONICS GC-A2 family models; the vulnerability is described...
PT-2023-31309 · Unknown · Hmi Gc-A2 Series
Name of the Vulnerable Software and Affected Versions: HMI GC-A2 series affected versions not specified Description: A denial-of-service DoS issue exists in the NetBIOS service. If a remote unauthenticated attacker sends specially crafted packets to specific ports, a denial-of-service condition m...
Tater
It is an offensive tool for Windows Privilege Escalation. The primary CVE ID is not explicitly mentioned, but the tool is based on the Hot Potato Windows Privilege Escalation exploit, which is a known vulnerability. The target product/service is Windows, and the vulnerability class/vector is...
Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 series
Overview HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contains multiple denial-of-service DoS vulnerabilities listed below. Denial-of-service DoS vulnerability in FTP service CWE-400 - CVE-2023-41963 Denial-of-service DoS vulnerability in commplex-link service CWE-400 - CVE-2023-491...
JVN#34145838: Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 series
HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contains multiple denial-of-service DoS vulnerabilities listed below. Denial-of-service DoS vulnerability in FTP service CWE-400 - CVE-2023-41963 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H|...
HTTP NTLM Information Disclosure
Windows New Technology LAN Manager NTLM is a suite of Microsoft security protocols designed to offer authentication, integrity and confidentiality to users. In Windows environments, NTLM authentication is often supported over HTTP in order to protect access to specific resources. During the...
The vulnerability of the cmNetBiosParseName function in Canon printer software of the imageCLASS D, imageCLASS MF, imageCLASS LBP, imagePROGRAF, PIXMA, MAXIFY series allows a hacker to execute arbitrary code.
The vulnerability of the cmNetBiosParseName function in Canon printer microprogramming systems of the imageCLASS D, imageCLASS MF, imageCLASS LBP, imagePROGRAF, PIXMA, and MAXIFY series is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to...
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes via pdu_size in ksmbd_conn_handler_loop leading to an out-of-bounds read.
...
SUSE CVE-2023-38431
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...
Linux kernel connection.c file out-of-bounds read vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.8, which stems from the fact that fs/smb/server/connection.c does not validate the...
CVE-2023-38431
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...