171 matches found
Nosferatu - Lsass NTLM Authentication Backdoor
Lsass NTLM Authentication Backdoor How it Works First, the DLL is injected into the lsass.exe process, and will begin hooking authentication WinAPI calls. The targeted function is MsvpPasswordValidate, located in NtlmShared.dll. In the pursuit of not being detected, the hooked function will call...
PyHook - An Offensive API Hooking Tool Written In Python Designed To Catch Various Credentials Within The API Call
PyHook is the python implementation of my SharpHook project, It uses various API hooks in order to give us the desired credentials. PyHook Uses frida to inject it's dependencies into the target process Supported Processes Process | API Call | Description | Progress ---|---|---|--- mstsc |...
SharpHook - Tool Tath Uses Various API Hooks In Order To Give Us The Desired Credentials
SharpHook is inspired by the SharpRDPThief project, It uses various API hooks in order to give us the desired credentials. In the background it uses the EasyHook project, Once the desired process is up and running SharpHook will automatically inject its dependencies into the target process and...
NewStart CGSL MAIN 4.06 : sudo Multiple Vulnerabilities (NS-SA-2021-0001)
The remote NewStart CGSL host, running version MAIN 4.06, has sudo packages installed that are affected by multiple vulnerabilities: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a...
Exploit for Improper Handling of Exceptional Conditions in Sudo_Project Sudo
PoC exploit for CVE-2019-14287, a vulnerability in Sudo before 1.8.28. The exploit targets the ability of an attacker with access to a Runas ALL sudoer account to bypass certain policy blacklists and session PAM modules, and cause incorrect logging, by invoking sudo with a crafted user ID. The...
CentOS 8 : sudo (CESA-2019:3694)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2019:3694 advisory. - sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword CVE-2019-14287 Note that Nessus has not tested for this issue but has instead relied...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-2196)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated sudo packages fix security vulnerability
Updated sudo packages fix security vulnerabilities: It was found that sudo always allowed commands to be run with unknown user or group ids if the sudo configuration allowed it for example via the "ALL" alias. This could allow sudo to impersonate non-existent account and depending on how...
sudo: attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user
It was found that sudo always allowed commands to be run with unknown user or group ids if the sudo configuration allowed it for example via the "ALL" alias. This could allow sudo to impersonate non-existent account and depending on how applications are configured, could lead to certain restricti...
Update Rollup 8 for System Center 2012 R2 Operations Manager
Update Rollup 8 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 8 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update Rollup 8 for System...
Description of Update Rollup 5 for System Center 2012 R2 Operations Manager
Description of Update Rollup 5 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 5 for Microsoft System Center 2012 R2 Operations Manager. This article also contains the installation instructions for Update Rollup 5 for...
Fedora 31 : sudo (2020-8b563bc5f4)
update to latest development version 1.9.0b1 - added sudologsrvd and sudosendlog to files and their appropriate man pages Resolves: rhbz1787823 - Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz1796945 - fixes: CVE-2019-18634 - By using ! character in the shadow file...
The vulnerability of the sudoer account in the Runas ALL system administration software allows a hacker to disable user authentication using a local password.
The vulnerability of the sudoer account in the Runas ALL system administration program is related to improper access control. Exploiting this vulnerability could allow a malicious actor to disable user authentication using the local password...
The vulnerability of the sudoer account in the Runas ALL system administration software allows a hacker to impersonate an existing user.
The vulnerability of the sudoer account in the Runas ALL system administration program is related to improper access control. Exploiting this vulnerability allows a malicious actor to impersonate an existing user...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword
A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction...
CVE-2012-5626
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation...
Design/Logic Flaw
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation...
CVE-2012-5626
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation...
CVE-2012-5626
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation...