149 matches found
CVE-2019-12091 Netskope client command injections vulnerability
The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from command injection vulnerability. Local users can use this vulnerability to...
CVE-2019-10882 Netskope client buffer overflow vulnerability
The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in "doHandshakefromServer" function. Local users...
Microsoft Windows Kernel Intel x64 SYSRET PoC
No description provided by source. Source: http://packetstormsecurity.org/files/115908/sysret.rar This is proof of concept code that demonstrates the Microsoft Windows kernel Intel/x64 SYSRET vulnerability as described in MS12-042. The shellcode disables code signing and will grant NT SYSTEM...
Microsoft Windows NT 4.0 - NT4ALL Denial of Service
source: https://www.securityfocus.com/bid/3144/info It has been reported that it is possible to cause a denial of service on a Windows NT system using the 'NT4ALL' tool. The DoS reportedly occurs after the system reboots while being set in 'special mode' using 'NT4ALL'. In order to exploit NT4ALL...
razor.dvwssr.txt
BindView RAZOR Team Analysis of DVWSSR.DLL Risks Risks Uncovered: ================ The risks of having dvwssr.dll are not as severe as originally reported in media outlets Friday morning, but still severe enough that system administrators responsible for NT systems to investigate. The risks invol...
CVE-1999-0594
A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive...
CVE-1999-0595
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded...
nt-tcpip-dos.txt
Date: Fri, 25 Sep 1998 18:19:50 +0200 From: Gigi Mori Subject: Crashing NT with Native Calls Hi, Playing with TCPIP.SYS I've noticed that any user could crash the local system with a IRQLNOTLESSOREQUAL exception just calling the undocumented function NtDeviceIoControlFile with an handle to TCPIP...
nt.system.policies.txt
Date: Wed, 3 Feb 1999 22:41:52 -0000 From: mnemonix To: [email protected] Subject: Inherent weaknesses in NT system policies There are certain key vulnerabilities in NT's System Policies that allow most restrictions to be by-passed. For instance, although Registry Editing tools can be disabled...