Lucene search
+L

612 matches found

GithubExploit
GithubExploit
added 2024/10/25 2:53 p.m.1393 views

Exploit for Improper Authentication in Microsoft

Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124...

9.8CVSS10AI score0.6111EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2024/10/11 12:0 a.m.8 views

The vulnerability of the Netlogon service in Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Netlogon service in Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

9CVSS5.4AI score0.0117EPSS
Exploits1References2
NCSC
NCSC
added 2024/10/08 7:55 p.m.40 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the categories of damage listed below. The most serious vulnerability has been assigned attribute CVE-2024-38124 and is located in the NETLOGON functionality...

9CVSS8.9AI score0.66571EPSS
Exploits4
NVD
NVD
added 2024/10/08 6:15 p.m.17 views

CVE-2024-38124

Windows Netlogon Elevation of Privilege Vulnerability...

9CVSS0.0117EPSS
Exploits1References1
OSV
OSV
added 2024/10/08 6:15 p.m.4 views

CVE-2024-38124

Windows Netlogon Elevation of Privilege Vulnerability...

9CVSS5.8AI score0.0117EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/08 5:35 p.m.38 views

CVE-2024-38124 Windows Netlogon Elevation of Privilege Vulnerability

...

9CVSS6.8AI score0.0117EPSS
Exploits1References1
CVE
CVE
added 2024/10/08 5:35 p.m.794 views

CVE-2024-38124

CVE-2024-38124 is a Windows Netlogon Elevation of Privilege vulnerability. The provided exploitation context shows an attacker with network access on an AD domain can craft Netlogon messages to impersonate machines (including DCs), enabling privilege escalation and potential full AD compromise. A...

9CVSS9AI score0.0117EPSS
Exploits1References1Affected Software6
Cvelist
Cvelist
added 2024/10/08 5:35 p.m.40 views

CVE-2024-38124 Windows Netlogon Elevation of Privilege Vulnerability

...

9CVSS0.0117EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2024/10/08 7:0 a.m.58 views

Windows Netlogon Elevation of Privilege Vulnerability

...

9CVSS7.1AI score0.0117EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.4 views

PT-2024-6729 · Microsoft · Windows Netlogon +1

Name of the Vulnerable Software and Affected Versions: Windows Netlogon affected versions not specified Description: The vulnerability in Windows Netlogon is related to deficiencies in the authentication procedure, allowing a remote attacker to elevate their privileges. It involves predicting the...

9CVSS6.9AI score0.0117EPSS
Exploits1References12
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.25 views

Microsoft Windows Netlogon 授权问题漏洞

Microsoft Windows Netlogon is an important component of Windows from Microsoft Corporation USA, whose main functions are authentication of users and machines on intra-domain networks and replication of databases for domain-controlled backups, as well as maintenance of relationships between domain...

9CVSS6.5AI score0.0117EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.50 views

KB5044306: Windows Server 2008 Security Update (October 2024)

The remote Windows host is missing security update 5044306. It is, therefore, affected by multiple vulnerabilities - Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability CVE-2024-38212, CVE-2024-38261, CVE-2024-38265, CVE-2024-43453, CVE-2024-43549, CVE-2024-43564,...

9CVSS8.2AI score0.66571EPSS
Exploits3References35
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.146 views

KB5044293: Windows 10 Version 1607 / Windows Server 2016 Security Update (October 2024)

The remote Windows host is missing security update 5044293. It is, therefore, affected by multiple vulnerabilities - Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability CVE-2024-38212, CVE-2024-38261, CVE-2024-38265, CVE-2024-43453, CVE-2024-43549, CVE-2024-43564,...

9CVSS8.2AI score0.66571EPSS
Exploits3References60
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.142 views

KB5044343: Windows Server 2012 R2 Security Update (October 2024)

The remote Windows host is missing security update 5044343. It is, therefore, affected by multiple vulnerabilities - Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability CVE-2024-38212, CVE-2024-38261, CVE-2024-38265, CVE-2024-43453, CVE-2024-43549, CVE-2024-43564,...

9CVSS8.2AI score0.66571EPSS
Exploits3References51
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.94 views

KB5044342: Windows Server 2012 Security Update (October 2024)

The remote Windows host is missing security update 5044342. It is, therefore, affected by multiple vulnerabilities - Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability CVE-2024-38212, CVE-2024-38261, CVE-2024-38265, CVE-2024-43453, CVE-2024-43549, CVE-2024-43564,...

9CVSS8.2AI score0.66571EPSS
Exploits3References48
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.306 views

Netlogon Weak Cryptographic Authentication

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...

10CVSS7.7AI score0.99512EPSS
Exploits75
Metasploit
Metasploit
added 2024/06/25 7:55 p.m.454 views

MS-NRPC Domain Users Enumeration

This module will enumerate valid Domain Users via no authentication against MS-NRPC interface. It calls DsrGetDcNameEx2 to check if the domain user account exists or not. It has been tested with Windows servers 2012, 2016, 2019 and 2022. Module Options msf use auxiliary/scanner/dcerpc/nrpcenumuse...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.55 views

RHEL 5 : samba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - samba: symlink race permits opening files outside share directory CVE-2017-2619 - samba: Netlogon elevati...

7.4AI score0.99512EPSS
Exploits78References10
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.11 views

PT-2024-19160 · Veeam · Veeam Recovery Orchestrator

Name of the Vulnerable Software and Affected Versions: Veeam Recovery Orchestrator affected versions not specified Description: The issue allows a user with a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service. Recommendations: At the...

8.8CVSS8.5AI score0.00701EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.27 views

EulerOS Virtualization 2.9.1 : samba (EulerOS-SA-2023-3093)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbinddpamauthcrap.c. When performing...

8.1CVSS7AI score0.62606EPSS
Exploits0References5
Rows per page
Query Builder