26 matches found
PT-2025-10805 · Microsoft · Windows Routing/Remote Access Service +1
Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service RRAS versions prior to the fixed version Description: The issue is related to a heap-based buffer overflow in the Windows Routing and Remote Access Service RRAS, which allows an unauthorized attacker ...
CVE-2024-43607
Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability...
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
...
Microsoft Windows Multiple Vulnerabilities (KB5028185)
This host is missing an important security update according to Microsoft KB5028185 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Windows RRAS Service MIBEntryGet Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows RRAS Service MIBEntryGet Overflow', 'Description' = %q This module exploits an overflow in the Windows Routing and Remote Acces...
CVE-2020-1383
CVE-2020-1383 is an information disclosure vulnerability in Windows RRAS: when Routing and Remote Access is enabled, an attacker can exploit a flaw in RPC handling to obtain information that could aid compromise. Exploitation requires a crafted application against an RPC server with RRAS enabled ...
CVE-2020-1383 Windows RRAS Service Information Disclosure Vulnerability
...
Windows RRAS Service Information Disclosure Vulnerability
An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system To exploit this vulnerability, an attacker would need to run a...
KLA11929 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A memory corruption...
Windows RRAS Service Remote Code Execution Vulnerability
Added: 06/06/2018 BID: 102055 Background Routing Remote Access Service RRAS is a Microsoft API that can be used to create client applications. These applications display RAS common dialog boxes, manage remote access connections and devices, and manipulate phone-book entries. These APIs make it...
Windows RRAS Service Remote Code Execution Vulnerability
Added: 06/06/2018 BID: 102055 Background Routing Remote Access Service RRAS is a Microsoft API that can be used to create client applications. These applications display RAS common dialog boxes, manage remote access connections and devices, and manipulate phone-book entries. These APIs make it...
Windows RRAS Service Remote Code Execution Vulnerability
Added: 06/06/2018 BID: 102055 Background Routing Remote Access Service RRAS is a Microsoft API that can be used to create client applications. These applications display RAS common dialog boxes, manage remote access connections and devices, and manipulate phone-book entries. These APIs make it...
Microsoft Windows 2003 SP2 RRAS SMB Remote Code Execution
!/usr/bin/env python -- coding: utf-8 -- Tested in Windows Server 2003 SP2 ES - Only works when RRAS service is enabled. The exploited vulnerability is an arbitraty pointer deference affecting the dwVarID field of the MIBOPAQUEQUERY structure. dwVarID sent by the client is used as a pointer to an...
Microsoft Windows 2003 SP2 - RRAS SMB Remote Code Execution
Microsoft Windows 2003 SP2 - RRAS SMB Remote Code Execution !/usr/bin/env python -- coding: utf-8 -- Tested in Windows Server 2003 SP2 ES - Only works when RRAS service is enabled. The exploited vulnerability is an arbitraty pointer deference affecting the dwVarID field of the MIBOPAQUEQUERY...
Microsoft Windows 2003 SP2 - RRAS SMB Remote Code Execution Exploit
Exploit for windows platform in category remote exploits !/usr/bin/env python -- coding: utf-8 -- Tested in Windows Server 2003 SP2 ES - Only works when RRAS service is enabled. The exploited vulnerability is an arbitraty pointer deference affecting the dwVarID field of the MIBOPAQUEQUERY...
Description of the security update for the Windows RRAS Service remote code execution vulnerability in Windows Server 2008: December 12, 2017
Description of the security update for the Windows RRAS Service remote code execution vulnerability in Windows Server 2008: December 12, 2017 Summary A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploits this...
Microsoft Windows 2003 SP2 ERRATICGOPHER SMB Remote Code Execution
!/usr/bin/env python -- coding: utf-8 -- By Victor Portal vportal for educational porpouse only This exploit is the python version of the ErraticGopher exploit probably with some modifications. ErraticGopher exploits a memory corruption seems to be a Heap Overflow in the Windows DCE-RPC Call...
Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution
!/usr/bin/env python -- coding: utf-8 -- By Victor Portal vportal for educational porpouse only This exploit is the python version of the ErraticGopher exploit probably with some modifications. ErraticGopher exploits a memory corruption seems to be a Heap Overflow in the Windows DCE-RPC Call...
Microsoft Windows 2003 SP2 - ERRATICGOPHER SMB Remote Code Execution
Microsoft Windows 2003 SP2 - ERRATICGOPHER SMB Remote Code Execution !/usr/bin/env python -- coding: utf-8 -- By Victor Portal vportal for educational porpouse only This exploit is the python version of the ErraticGopher exploit probably with some modifications. ErraticGopher exploits a memory...
Microsoft RRAS Service RASMAN Registry Overflow
No description provided by source. $Id: ms06025rasmansreg.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...