CVE-2023-36423 Microsoft Remote Registry Service Remote Code Execution Vulnerability

...

GO-2023-2181 Denial of service attack from remote registry in github.com/sigstore/cosign

An attacker who controls a remote registry can return a high number of attestations and/or signatures to cosign. This can cause cosign to enter a long loop resulting in a denial of service, i.e., endless data attack...

Cosign vulnerable to possible endless data attack from attacker-controlled registry

Summary Cosign is susceptible to a denial of service by an attacker controlled registry. An attacker who controls a remote registry can return a high number of attestations and/or signatures to Cosign and cause Cosign to enter a long loop resulting in an endless data attack. The root cause is tha...

SUSE CVE-2023-46737

Cosign is a sigstore signing tool for OCI containers. Cosign is susceptible to a denial of service by an attacker controlled registry. An attacker who controls a remote registry can return a high number of attestations and/or signatures to Cosign and cause Cosign to enter a long loop resulting in...

CVE-2023-46737

Cosign is a sigstore signing tool for OCI containers. Cosign is susceptible to a denial of service by an attacker controlled registry. An attacker who controls a remote registry can return a high number of attestations and/or signatures to Cosign and cause Cosign to enter a long loop resulting in...

CVE-2023-46737 Possible endless data attack from attacker-controlled registry in cosign

Cosign is a sigstore signing tool for OCI containers. Cosign is susceptible to a denial of service by an attacker controlled registry. An attacker who controls a remote registry can return a high number of attestations and/or signatures to Cosign and cause Cosign to enter a long loop resulting in...

Containerd Bug Exposes Cloud Account Credentials

A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host’s registry or users’ cloud-account credentials. Containerd bills itself as a runtime tool that “manages the complete container lifecycle of its host system, from image transfer and storage to...

CVE-2019-11288

In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker...

CVE-2017-17406

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within an exposed RMI registry, which listens on TCP ports 1800 and 1850 by defaul...

Windows 10: protection, detection, and response against recent Depriz malware attacks

A few weeks ago, multiple organizations in the Middle East fell victim to targeted and destructive attacks that wiped data from computers, and in many cases rendering them unstable and unbootable. Destructive attacks like these have been observed repeatedly over the years and the Windows Defender...

FireEye Responds to Wave of Destructive Cyber Attacks in Gulf Region

In 2012, a suspected Iranian hacker group called the “Cutting Sword of Justice” used malware known as Shamoon – or Disttrack. In mid-November, Mandiant, a FireEye company, responded to the first Shamoon 2.0 incident against an organization located in the Gulf states. Since then, Mandiant has...

Windows NT 4.0 - Remote Registry Request Dos Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1331/info In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 can crash due to winlogon.exe's inability to process specially malformed remote registry requests. Rebooting...

Windows NT 4.0 - Remote Registry Request Dos Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1331/info In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 can crash due to winlogon.exe's inability to process specially malformed remote registry requests. Rebooting...

Nmap NSE 6.01: smb-enum-sessions

Enumerates the users logged into a system either locally or through an SMB share. The local users can be logged on either physically on the machine, or through a terminal services session. Connections to a SMB share are, for example, people connected to fileshares or making RPC calls. Nmap's...

Nmap NSE 6.01: smb-system-info

Pulls back information about the remote system from the registry. Getting all of the information requires an administrative account, although a user account will still get a lot of it. Guest probably won't get any, nor will anonymous. This goes for all operating systems, including Windows 2000...

Windows Manage Proxy Setting Cloner

This module copies the proxy settings from the current user to the targeted user SID, supports remote hosts as well if remote registry is allowed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

MS12-028: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)

The remote host is running a version of Microsoft Works for Windows document converter that is affected by a heap overflow vulnerability. If an attacker can trick a user on the affected host into opening a specially crafted Works file, this issue could be leveraged to run arbitrary code on the ho...

Remote Registry Inaccessible to 2003 Server

Challenge VSS fails with the following error: Starting guest agent Cannot initialize information about the guest's system. Target host: xxx.xx.xxx.x. Cannot collect metrics about the guest's operation system. Cannot open sessions manager's registry key. Win32 error:Access is denied. Cause Typical...

Dell IT Assistant detectIESettingsForITA.ocx ActiveX Control readRegVal() Remote Registry Dump Vulnerability

!-- Dell IT Assistant detectIESettingsForITA.ocx ActiveX Control readRegVal Remote Registry Dump Vulnerability download uri: ftp://ftp.us.dell.com/sysman/OM-ITAssistant-Dell-Web-WIN-6.5.0-2247A01.21.exe ActiveX settings: CLSID: 6286EF1A-B56E-48EF-90C3-743410657F3C ProgID:...

Nmap NSE net: smb-system-info

Pulls back information about the remote system from the registry. Getting all of the information requires an administrative account, although a user account will still get a lot of it. Guest probably won't get any, nor will anonymous. This goes for all operating systems, including Windows 2000...