712 matches found
MS Windows Services ACLs Local Privilege Escalation Exploit (updated)
Exploit for unknown platform in category local exploits. MS Windows Services ACLs Local Privilege Escalation Exploit (updated). Privilege Escalation for Windows...
nokia_mms_gateway_vuln.txt
Nokia Terminal Gateway (TGW) is a server application used to deliver multimedia messages to users with GSM handsets that do not support MMS. Nokia Terminal Gateway is used by about 90 GSM operators all over the world. When somebody sends you a multimedia message and it is not delivered to your...
Microsoft Windows 'Backup Operators' Group User List
Using the supplied credentials, it is possible to extract the member list of the 'Backup Operators' group. Members of this group can log on to the remote host and perform backup operations (read/write files) but have no administrative rights. (C) Tenable Network Security, Inc. include("compat.inc"); if...
Microsoft Windows 'Print Operators' Group User List
Using the supplied credentials, it is possible to extract the member list of the 'Print Operators' group. Members of this group can manage printers within a Windows Domain or shut down a server. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(10905); script_version("1.20")...
Microsoft Windows 'Server Operators' Group User List
Using the supplied credentials, it is possible to extract the member list of the 'Server Operators' group. Members of this group can perform most common administrative tasks. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(10903); script_version("1.19"); script_cvs_date("Dat...
Microsoft Windows 'Account Operators' Group User List
Using the supplied credentials, it is possible to extract the member list of the 'Account Operators' group. Members of this group can create or modify local user accounts but cannot modify or create administrative accounts or edit user rights. (C) Tenable Network Security, Inc. include("compat.inc")...
CVE-2000-0785
WircSrv IRC Server 5.07s is affected by CVE-2000-0785: the importmotd command allows IRC operators to read arbitrary files by setting the MOTD to a specified file. Root cause is that MOTD handling accepts an arbitrary file path, enabling file disclosure. The vulnerability impact is partial confid...
Hybrid Ircd 5.0.3 p7 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/581/info Ircd hybrid-6 (up to beta 58) has a vulnerability which can allow remote access to the IRC server (ircd). In most cases this attack results in the attacker gaining the privileges of the user 'irc'. This...
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key
// source: https://www.securityfocus.com/bid/182/info The default ACL over the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon key "System" value include...
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key
// source: https://www.securityfocus.com/bid/182/info The default ACL over the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon key "System" value includes an entry for Server Operators:Special. The Special setting allows Server Ops to "Set" this value. A malicious System...
PT-1999-1221 · Microsoft · Windows NT
Name of the Vulnerable Software and Affected Versions: Windows NT (affected versions not specified). Description: The issue concerns inappropriate user membership in various groups, including Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators,...
Sandbox `__toString()` policy bypass via `Traversable` in `join`/`replace` and `in`/`not in` operators
More info at https://symfony.com/blog/cve-2026-48807-sandbox-tostring-policy-bypass-via-traversable-in-join-replace-and-in-not-in-operators...