42 matches found
SUSE CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes, for example,...
UBUNTU-CVE-2023-42670
A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes, for example,...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Samba vulnerabilities (USN-6425-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6425-1 advisory. Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to...
Getting a persistent shell on a 747 IFE
TL;DR The Coronavirus pandemic has hit the airline industry hard. One sad consequence was early retirement of most of the 747 passenger fleet. This does however create opportunities for aviation security research, as airframes are parked up before parting out in breakers yards. This 747 was flyin...
Rockwell Automation 4-Channel Thermocouple/mV Input Module 1746-NT4 Analog I/O
Binary data 754032.prm...
nt4.zacks.com XSS vulnerability
Open Bug Bounty ID: OBB-554344. Affected Website: nt4.zacks.com. Open Bug Bounty Program: Create your bounty program now. It's open and free. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...
Debian Security Advisory DSA 3909-1 (samba - security update)
Jeffrey Altman, Viktor Duchovni and Nico Williams identified a mutual authentication bypass vulnerability in samba, the SMB/CIFS file, print, and login server. Also known as Orpheus OpenVAS Vulnerability Test $Id: deb3909.nasl 6800 2017-07-26 06:58:22Z cfischer $ Auto-generated from advisory DSA...
NSA Arsenal: CVE-2017-9073 EsteemAudit analysis-vulnerability warning-the black bar safety net
In April, an organization named "shadow broker" published part of the exploit tools stolen from the NSA, mainly targeting the Windows operating system. One of the most famous is "EternalBlue", the exploit used by the WanaCryp0t ransomware. Another is the released tool for the CVE-2017-907...
Debian Security Advisory DSA 3816-1 (samba - security update)
Jann Horn of Google discovered a time-of-check, time-of-use race condition in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client can take advantage of this flaw by exploiting a symlink race to access areas of the server file system not exported under a share definition...
Debian Security Advisory DSA 3171-1 (samba - security update)
Richard van Eeden of Microsoft Vulnerability Research discovered that Samba, a SMB/CIFS file, print, and login server for Unix, contains a flaw in the netlogon server code which allows remote code execution with root privileges from an unauthenticated connection. OpenVAS Vulnerability Test $Id:...
Oracle 8i TNS Listener Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2941/info Oracle 8i ships with a component called TNS Listener. TNS Listener is used to arbitrate communication between remote database clients/applications and the database server. There exists a remotely exploitable...
YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit
No description provided by source. / YahooPOPS v1.6 and prior SMTP port buffer overflow exploit v0.1 Exploit code by class101 at DFind.kd-team.com Bind a shellcode to the port 101. Thanx to Behrang [email protected] for the bug discovery Thanx to HDMoore and Metasploit.com for their...
Microsoft Indexing Services for Windows 2000/NT 4.0 .htw Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1861/info A cross-site scripting vulnerability has been reported in Microsoft Indexing Services for Windows 2000/NT4 and its handling of the .htw extension. If a user inadvertently opened a hostile link through a browser ...
Apple WebObjects Developer NT4 IIS4.0 CGI-adapter 4.5 Developer Remote Overflow
No description provided by source. source: http://www.securityfocus.com/bid/1896/info A denial-of-service vulnerability exists in Apple's WebObjects 4.5 Developer, a popular platform for developing web-based applications. The vulnerable version is Windows NT 4.0 SP5, when run in conjunction with...
Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
CVE-2010-4566
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via...
Authentication flaw
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via...
CVE-2010-4566
The CVE affects Citrix Access Gateway where the web authentication form in NT4 authentication (Enterprise Edition 9.2-49.8 and earlier) and the NTLM component in Standard/Advanced editions before 5.0 allows attackers to inject shell metacharacters in the password field to execute arbitrary comman...
Remote shield the telnet service of the ntlm authentication-bug warning-the black bar safety net
Many people, after obtaining file-upload and administrator permissions, want to start the remote telnet service but run into the nasty NTLM authentication. In this case, we very often upload a file such as NTLM.exe and then run it remotely on a schedule, if at hand is no su...
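Microsoft Exchange OWA long username denial-of-service vulnerability
The Outlook Web Access (OWA) component of Microsoft Exchange has a denial-of-service vulnerability. When a login is attempted with many "%" characters as the username and password, OWA returns an HTTP 500 - Internal server error message. Users will then be unable to log in through IE. It is reported that the WWW Publishing Service and the IIS Admin Service stop responding. Microsoft Exchange Server 5.5 SP4 Microsoft Exchange Server 5.5 SP3 Microsoft Exchange Server 5.5 SP2 Microsoft Exchange Server 5.5 SP1 Microsoft...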