2083 matches found
Microsoft Windows Named Pipe File System CVE-2018-0823 Local Privilege Escalation Vulnerability
Description: Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to run processes with elevated privileges. Technologies Affected: Microsoft Windows 10 version 1709 for 32-bit Systems; Microsoft Windows 10 version 1709 for x64-based Syste...
CVE-2016-9570
cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read, invalid pointer dereference, and application crash) by leveraging access to the NetMon named pipe...
Windows Meterpreter Shell, Bind Named Pipe Inline (x64)
Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 203846 include Msf::Payload::TransportConfig...
Windows x64 Command Shell, Windows x64 Bind Named Pipe Stager
Spawn a piped command shell (Windows x64) (staged). Listen for a pipe connection (Windows x64). This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 481 include Msf::Payload::Stager include...
Windows Meterpreter (Reflective Injection x64), Windows x64 Bind Named Pipe Stager
Inject the meterpreter server DLL via the Reflective Dll Injection payload (staged). Requires Windows XP SP2 or newer. Listen for a pipe connection (Windows x64). This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...
Windows Meterpreter Shell, Bind Named Pipe Inline
Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 177734 include Msf::Payload::TransportConfig...
Windows x64 VNC Server (Reflective Injection), Windows x64 Bind Named Pipe Stager
Inject a VNC Dll via a reflective loader (Windows x64) (staged). Listen for a pipe connection (Windows x64). This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 481 include Msf::Payload::Stag...
Threat Outbreak Alert RuleID31916: Email Messages Distributing Malicious Software on February 7, 2018
Medium Alert ID: 56695 First Published: 2018 February 7 16:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID31916 may contain the following files: Name |...
Microsoft Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Windows XP systems that are not part of a domain default to treating all network logons as if they were Guest. This prevents SMB relay attacks from gaining administrativ...
MS17-010 EternalRomance / EternalSynergy / EternalChampion SMB Remote Windows Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Windows XP systems that are not part of a domain default to treating all network logons as if they were Guest. This prevents SMB relay attacks from gaining administrativ...
Microsoft Windows SMB MS17-010 EternalRomance / EternalSynergy / EternalChampion Remote Code Executi
This Metasploit module will exploit SMB with vulnerabilities in MS17-010 to achieve a write-what-where primitive. This will then be used to overwrite the connection session information as an Administrator session. From there, the normal psexec payload code execution is done. Exploits a type...
UBUNTU-CVE-2017-16912
The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet...
MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
This module will exploit SMB with vulnerabilities in MS17-010 to achieve a write-what-where primitive. This will then be used to overwrite the connection session information as an Administrator session. From there, the normal psexec command execution is done. Exploits a type confusion betwee...
Commvault Command Injection Vulnerability
Commvault Simpana is an all-in-one software platform from the United States company Commvault that provides end users with automatic data protection and instant access functions. A command injection vulnerability exists in the ContentStore/Base/CVDataPipe.dll file in...
Microsoft Windows SMB Server (v1/v2) - Mount Point Arbitrary Device Open Privilege Escalation
Microsoft Windows SMB Server v1/v2 - Mount Point Arbitrary Device Open Privilege Escalation. Windows: SMB Server v1 and v2 Mount Point Arbitrary Device Open EoP. Platform: Windows 10 1703 and 1709 (seems the same on 7 and 8.1 but not extensively tested). Class: Elevation of Privilege. Summary: The SMB...
CVE-2017-17405
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...
ALPINE-CVE-2017-17405
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...
UBUNTU-CVE-2017-17405
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...