Lucene search
K

16 matches found

Trellix
Trellix
added 2026/02/10 12:0 a.m.9 views

When SPNs Go Rogue: Detection and Remediation with Trellix NDR

When SPNs Go Rogue: Detection and Remediation with Trellix NDR By Maulik Maheta and Henry Bernabe · February 10, 2026 Executive summary Service Principal Names SPNs are essential for Kerberos authentication in Active Directory AD, but misconfigurations, such as assigning SPNs to standard user...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: samba (CVE-2022-0336)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0336 advisory. - The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do...

8.8CVSS8AI score0.01301EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/02/20 5:35 p.m.40 views

CVE-2024-22245 Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin

Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in EAP could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary...

9.6CVSS9.7AI score0.01262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/20 5:35 p.m.17 views

CVE-2024-22245 Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin

Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in EAP could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary...

9.6CVSS7.2AI score0.01262EPSS
Exploits0References1
Trellix
Trellix
added 2023/05/21 12:0 a.m.21 views

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR - Part 2

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect - Part 2 By Maulik Maheta · May 21, 2023 This blog was also written by Chintan Shah Executive summary In the part 1 of this series we discussed in depth about the known Lateral movement attacks like abusing weak service...

7.9AI score
Exploits0
OSV
OSV
added 2022/08/29 3:15 p.m.6 views

AZL-10741 CVE-2022-0336 affecting package samba 4.12.5-7

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

8.8CVSS7AI score0.01301EPSS
Exploits0References1
OSV
OSV
added 2022/08/29 3:15 p.m.3 views

DEBIAN-CVE-2022-0336

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

8.8CVSS7.5AI score0.01301EPSS
Exploits0References1
OSV
OSV
added 2022/01/31 12:0 a.m.4 views

UBUNTU-CVE-2022-0336

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

8.8CVSS6.8AI score0.01301EPSS
Exploits0References4
Gitee
Gitee
added 2021/01/24 6:59 p.m.7 views

Exploit for Improper Privilege Management in Microsoft

内网渗透学习笔记 作者:chriskali Github:chriskaliX 近期,拜读了腾讯蓝军-红蓝对抗之Windows内网渗透,学到了不少知识点。打算拆分章节进行整理以及复现,主要记录自己缺失的知识点。这是一个大杂烩文章,主线是跟着jumbo师傅的思路,碰到感兴趣的,我会继续扩展。可能有点凌乱,希望大家见谅。 0x01 环境搭建 这一步略过,简单介绍一下测试的环境 |主机名|IP地址|角色|系统| |:-:|:-:|:-:|:-:| |DC|10.10.10.10|DC|DNS|Winserver 2012| |John|10.10.10.11|normal|win7|...

7.8CVSS7.1AI score0.08589EPSS
Exploits7
Microsoft KB
Microsoft KB
added 2018/08/22 12:0 a.m.4 views

September 19, 2017—KB4038774 (Preview of Monthly Rollup)

September 19, 2017—KB4038774 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4038792released September 12, 2017 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresse...

7.2AI score
Exploits0
n0where
n0where
added 2018/07/02 3:11 p.m.307 views

Active Directory Reconnaissance: ADRecon

ADRecon is a tool which extracts various artifacts as highlighted below out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report can provide a holistic picture of the current state of the target AD...

0.6AI score
Exploits0References3
Kitploit
Kitploit
added 2018/06/19 1:30 p.m.2343 views

Impacket - Collection Of Python Classes For Working With Network Protocols

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols e.g. SMB1-3 and MSRPC the protocol implementation itself. Packets can be constructed from scratch, as well as parsed...

9.8CVSS9.3AI score0.99448EPSS
Exploits26References46
Kitploit
Kitploit
added 2018/01/02 9:7 p.m.42 views

ADRecon - Tool Which Gathers Information About The Active Directory

ADRecon is a tool which extracts various artifacts as highlighted below out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report can provide a holistic picture of the current state of the target AD...

6.9AI score
Exploits0References3
OSV
OSV
added 2017/07/13 12:0 a.m.1 views

UBUNTU-CVE-2017-11103

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In krb5extractticket the KDC-REP service name must be obtained from the encrypted version stored i...

8.1CVSS6.8AI score0.05118EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2015/04/09 5:9 a.m.49 views

Moderate: Red Hat Security Advisory: krb5 security update

Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available fo...

9CVSS6.9AI score0.06213EPSS
Exploits0References6
securityvulns
securityvulns
added 2005/07/13 12:0 a.m.43 views

MITKRB5-SA-2005-002: buffer overflow, heap corruption in KDC

-----BEGIN PGP SIGNED MESSAGE----- MIT krb5 Security Advisory 2005-002 Original release: 2005-07-12 Topic: buffer overflow, heap corruption in KDC Severity: CRITICAL SUMMARY ======= The MIT krb5 Key Distribution Center KDC implementation can corrupt the heap by attempting to free memory at a rand...

7.5CVSS0.7AI score0.08425EPSS
Exploits0
Rows per page
Query Builder