58 matches found
📄 Microsoft Windows 11 Build 10.0.22631.6199 Advanced Admin Protection Bypass
This enhanced proof of concept exploit demonstrates an advanced method for bypassing Windows Administrator Protection by manipulating registry hives using both WinAPI and NTAPI. The code implements safe smart‑pointer wrappers for handles, secure SID management, deep registry enumeration, privileg...
EUVD-2010-0268
Malware in sbrugna...
EUVD-2019-13491
Malware in sbrugna...
Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia
Last December, we discovered a new group targeting Russian businesses and government agencies with ransomware. Further investigation into this group's activity suggests a connection to other groups currently targeting Russia. We have seen overlaps not only in indicators of compromise and tools, b...
Metasploit Wrap-Up
Basic discover script improvements This week two improvements were made to the script/resource/basicdiscovery.rc resource script. The first update from community member samsepi0x0 allowed commas in the RHOSTS value, making it easier to target multiple hosts. Additionally, adfoster-r7 improved the...
SUSE CVE-2019-3880
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions...
SUSE CVE-2021-3504
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivexopen function. An attacker could input a specially crafted Windows Registry hive file which would cause hivex to read memory beyond its normal bounds or cause the program to...
SUSE CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
hivex: stack overflow due to recursive call of _get_children()
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file which would cause hivex to recursively call the _get_children() function leading to a stack overflow. The highest threat from this vulnerability is to system availability.
...
DEBIAN-CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
AZL-7096 CVE-2021-3622 affecting package hivex for versions less than 1.3.21-1
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
UBUNTU-CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability.
...
OESA-2021-1361 hivex security update
Hivex is a library for extracting the contents of Windows Registry "hive" files. It is designed to be secure against buggy or malicious registry files. Security Fixes: No description is available for this CVE.CVE-2021-3622...
hivex: stack overflow due to recursive call of _get_children()
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
hivex: Buffer overflow when provided invalid node key length
A flaw was found in the hivex library. It is caused due to a lack of bounds check within the hivexopen function. An attacker could input a specially crafted Windows Registry hive file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat...
Aggrokatz - An Aggressor Plugin Extension For Cobalt Strike Which Enables Pypykatz To Interface With The Beacons Remotely
aggrokatz is an Aggressor plugin extension for CobaltStrike which enables pypykatz to interface with the beacons remotely. The current version of aggrokatz allows pypykatz to parse LSASS dump files and Registry hive files to extract credentials and other secrets stored without downloading the fil...
hivex: Buffer overflow when provided invalid node key length
A flaw was found in the hivex library. It is caused due to a lack of bounds check within the hivexopen function. An attacker could input a specially crafted Windows Registry hive file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat...