EUVD-2002-2117

Malware in sbrugna...

Samba SMB1 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Samba. Authentication is required to exploit this vulnerability, and SMB1 must be enabled on the target. The specific flaw exists within the Samba service, which listens on TCP port 139 by...

Virus.Win32.Ipamor.c Unauthenticated Reboot

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b6bfdfe91c3e37865b6a269dc9ff9302.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Virus.Win32.Ipamor.c Vulnerability: Unauthenticated Remote System Reboot Description: The malware...

Trojan-Dropper.Win32.Daws.etlm Unauthenticated Reboot

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a0479e18283ed46e8908767dd0b40f8f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Daws.etlm Vulnerability: Remote Unauthenticated System Reboot Description:...

Trojan-Dropper.Win32.Daws.etlm Unauthenticated Reboot

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a0479e18283ed46e8908767dd0b40f8f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Daws.etlm Vulnerability: Remote Unauthenticated System Reboot Description:...

Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)

Nessus was able to obtain the set of SMB2 and SMB3 dialects running on the remote host by sending an authentication request to port 139 or 445. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid106716; scriptversion"1.6";...

Samba Version

Nessus was able to obtain the samba version from the remote operating by sending an authentication request to port 139 or 445. Note that this plugin requires SMB1 to be enabled on the host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid104887; scriptversion"1.2";...

Patching CVE-2017-7494 in Samba: It’s the Circle of Life

With the scent of scorched internet still lingering in the air from the WannaCry Ransomworm, today we see a new scary-and-potentially-incendiary bug hitting the twitter news. The vulnerability - CVE-2017-7494 - affects versions 3.5 released March 1, 2010 and onwards of Samba, the defacto standard...

Microsoft Windows 2000/NT 4 TCP Stack DoS Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/3967/info An issue exists in Windows which could cause the TCP stack to consume all available system memory. This is achieved if a user sends numerous empty TCP packets to a host on port 139. Successful exploitation of th...

Microsoft Windows 2000/NT 4 TCP Stack DoS Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/3967/info An issue exists in Windows which could cause the TCP stack to consume all available system memory. This is achieved if a user sends numerous empty TCP packets to a host on port 139. Successful exploitation of th...

Microsoft Windows TrueType Font (TTF)远程代码执行漏洞（MS12-078)

BUGTRAQ ID: 56842 CVECAN ID: CVE-2012-4786 Microsoft Windows是Microsoft开发的Windows是目前世界上用户最多、并且兼容性最强的操作系统。 Microsoft Windows未正确处理TrueType Font TTF文件而存在安全漏洞。通过诱使用户浏览恶意网站或打开恶意文件，未经身份验证的远程攻击者可利用此漏洞在内核态中执行任意代码。 0 Microsoft Windows RT Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows XP...

Nmap NSE net: smb-os-discovery

Attempts to determine the operating system, computer name, domain, and current time over the SMB protocol ports 445 or 139. This is done by starting a session with the anonymous account or with a proper user account, if one is given; it likely doesn't make a difference; in response to a session...

Nmap NSE net: smb-enum-users

Attempts to enumerate the users on a remote Windows system, with as much information as possible, through two different techniques both over MSRPC, which uses port 445 or 139; see 'smb.lua'. The goal of this script is to discover all user accounts that exist on a remote system. This can be helpfu...

smb-enum-users NSE Script

Attempts to enumerate the users on a remote Windows system, with as much information as possible, through two different techniques both over MSRPC, which uses port 445 or 139; see smb.lua. The goal of this script is to discover all user accounts that exist on a remote system. This can be helpful...

Buffer overflow

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port 1 139 or 2 445...

CVE-2007-5580

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port 1 139 or 2 445...

Code injection

The Common Internet File System CIFS optimization in Cisco Wide Area Application Services WAAS 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service loss of service via a flood of...

CVE-2007-3923

The Common Internet File System CIFS optimization in Cisco Wide Area Application Services WAAS 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service loss of service via a flood of...

CVE-2007-3923

The Common Internet File System CIFS optimization in Cisco Wide Area Application Services WAAS 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service loss of service via a flood of...

Immunity Canvas: SNORTRPC

Name| snortrpc ---|--- CVE| CVE-2006-5276 Exploit Pack| CANVAS Description| Snort RPC Notes| CVE Name: CVE-2006-5276 VENDOR: SourceFire Notes: This version of the exploit needs to connect to a port 139 Note that it does not need to be an actual Netbios target. Something like a netcat listener wil...