May 10, 2022—KB5014018 (Security-only update)

May 10, 2022—KB5014018 Security-only update Summary Learn more about this security update, including improvements, any known issues, and how to get the update. IMPORTANT Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will...

March 8, 2022—KB5011560 (Security-only update)

March 8, 2022—KB5011560 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support...

March 8, 2022—KB5011529 (Security-only update)

March 8, 2022—KB5011529 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 7, Windows Server 2008 R2, Windows Embedded Standard 7, and Windows Embedded POS Ready 7 have reached the en...

CVE-2020-8239

A vulnerability in the Pulse Secure Desktop Client 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client Windows and Windows PDC...

MS16-076: Description of the security update for Netlogon: June 14, 2016

MS16-076: Description of the security update for Netlogon: June 14, 2016 Summary This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to a primary domain controller PDC on a target network runs a special...

Microsoft Windows Server Elevation of Privilege Vulnerability (CNVD-2015-04667)

Microsoft Windows Server is a series of servers based on the windows operating system launched by the U.S. Microsoft Microsoft. A security vulnerability exists in the Netlogon service for Microsoft Windows due to the program failing to properly implement domain-controller communication. A remote...

MS15-071: Vulnerability in NETLOGON Could Allow Elevation of Privilege (3068457)

The remote Windows host is affected by a privilege escalation vulnerability due to the Netlogon service improperly establishing a communications channel to a primary domain controller PDC. An attacker, with access to the PDC, can exploit this by using a crafted application to create a secure...

Scientific Linux Security Update : samba and samba3x on SL5.x, SL6.x i386/srpm/x86_64 (20140325)

It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. CVE-2013-4496 A flaw...

Moderate: Red Hat Security Advisory: samba and samba3x security update

Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

CVE-1999-1593

Windows Internet Naming Service WINS allows remote attackers to cause a denial of service connectivity loss or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are...

CVE-1999-1593

Windows Internet Naming Service WINS allows remote attackers to cause a denial of service connectivity loss or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are...

Samba < 3.0.27 Multiple Vulnerabilities

According to its banner, the version of the Samba server on the remote host contains a boundary error in the 'replynetbiospacket' function in 'nmbd/nmbdpackets.c' when sending NetBIOS replies. Provided the server is configured to run as a WINS server, a remote attacker can exploit this issue by...

Microsoft Windows SMB Registry : Remote PDC/BDC Detection

The remote host seems to be a Primary Domain Controller or a Backup Domain Controller. This can be verified by the value of the registry key 'ProductType' under 'HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions'. C Tenable Network Security, Inc. include"compat.inc"; if description...

nt.pdc.dos.txt

Date: Fri, 4 Jun 1999 14:01:01 -0700 Reply-To: Carl Byington Sender: Windows NT BugTraq Mailing List From: Carl Byington Subject: denial of service attack against NT PDC from Win95 workstation -----BEGIN PGP SIGNED MESSAGE----- I searched the archives, but did not find this one discussed. We have...