21 matches found
CVE-2026-4387
StrongDM Desktop Application before 23.74.0 Desktop Client before 53.77.0 on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\.sdm\state.kv. The file is protected only by default...
CVE-2026-4387 Unencrypted storage of authentication state in StrongDM Desktop Application state.kv file
StrongDM Desktop Application before 23.74.0 Desktop Client before 53.77.0 on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\.sdm\state.kv. The file is protected only by default...
EUVD-2002-0034
Malware in sbrugna...
CVE-2002-0034
The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected...
PowerHuntShares - Audit Script Designed In Inventory, Analyze, And Report Excessive Privileges Configured On Active Directory Domains
PowerHuntShares is design to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intented to help IAM and other blue teams gain a better understand of their SMB Share attack surface and provides data insights t...
Microsoft Windows NTFS 权限许可和访问控制问题漏洞
Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error alerts, disk self-healing, and logging capabilities. Microsoft Windows NTFS is vulnerable to privilege permission and access control issues. The following products and editions are...
Microsoft Windows NTFS 权限许可和访问控制问题漏洞
Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-healing and logging capabilities. An elevation of privilege vulnerability exists in Microsoft Windows NTFS, which can be exploited by an attacker to elevate privileg...
Cisco AnyConnect Secure Mobility Client 4.8.01090 Privilege Escalation Vulnerability
Cisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffer from a privilege escalation vulnerability due to insecure handling of path names. ------------------------------------------------------------------------ Cisco AnyConnect elevation of privileges due to insecure handling...
ZoneAlarm TrueVector Internet Monitor Insecure NTFS Permissions Vulnerability
A vulnerability was found in the TrueVector Internet Monitor service, which is installed as part of the Check Point ZoneAlarm firewall. This vulnerability allows a local attacker to cause the affected service to change the file permissions of arbitrary local files. After the file permissions have...
ZoneAlarm TrueVector Internet Monitor Insecure NTFS Permissions
------------------------------------------------------------------------ ZoneAlarm TrueVector Internet Monitor service insecure NTFS permissions vulnerability ------------------------------------------------------------------------ Yorick Koster, December 2019...
Brava! Enterprise / Server 16.4 Information Disclosure
Vulnerable Application: Brava! Enterprise and Brava! Server Components Affected Versions: Brava! Enterprise and Brava! Server Components have this as the default configuration, from Brava! 7.5 to the latest Brava! 16.4 on Windows. Not Affected Versions: Linux installs do not automatically create...
Error: "The specified network name is no longer available", Profile Fails to Load and user receives Temporary Profile if NTFS permissions changed on User Store
Under certain circumstances, a user profile may fail to load and the user receives a temporary profile. When this occurs an error "The specified network name is no longer available" appears in the Profile Management Log...
[NTFS Permissions Reporter] Display Windows User Access Rights
If you are working as a standalone user on a system running one of the latest flavors of the Microsoft Windows operating system, you do not really have much need to assess and verify user permissions on the system. If a PC is shared by many, and maybe even multiple users with administration right...
So it is to bypass the NTFS permissions limit-vulnerability warning-the black bar safety net
This machine is loaded with Windows 2 0 0 0, because the working relationship will be important information to put in the C:\studio, theC drive to NTFS formatand set the following permissions: Lostarthat's me full control The Everyone read-only After one day, and found where the file being...
Multiple Cisco Secure Desktop security vulnerabilities
Weak NTFS permissions on installation folder. Protection bypass. Information leak...
CVE-2002-0034
The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected...
CVE-2002-0034
The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected...
SECURITY.NNOV: Windows 2000 system partition weak default permissions
Title: Windows 2000 system partition weak default permissions Affected: Windows 2000 Vendor: Microsoft Author: ZARAZA [email protected] Date: August, 03 2002 Risk: Average Exploitable: Yes Remote: No Vendor notified: few months ago SECURITY.NNOV URL: http://www.security.nnov.ru Advanced inf...
CVE-2001-1515
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended...
NAVCE 7.51 default permission exploit
============================================================ Topic: ===== Default NTFS permissions post-software install allow local user security context to modify "managed" Norton AntiVirus Corporate Edition 7.51 client configuration. Affected: ======== Norton AntiVirus Corporate Edition NAVCE...