CVE-2023-24900 Windows NTLM Security Support Provider Information Disclosure Vulnerability

...

Windows NTLM Security Support Provider Information Disclosure Vulnerability

...

PT-2023-2692 · Microsoft · Windows Ntlm Security Support Provider +1

Name of the Vulnerable Software and Affected Versions: Windows NTLM Security Support Provider affected versions not specified Description: The issue is related to the implementation of the NTLM Security Support Provider protocol in the Windows operating system, which lacks protection for service...

DragonCastle - A PoC That Combines AutodialDLL Lateral Movement Technique And SSP To Scrape NTLM Hashes From LSASS Process

A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. Description Upload a DLL to the target machine. Then it enables remote registry to modify AutodialDLL entry and start/restart BITS service. Svchosts would load our DLL, set again AutodiaDL...

squid: buffer-over-read in SSPI and SMB authentication

A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure...

squid: buffer-over-read in SSPI and SMB authentication

A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure...

CVE-2022-24454

Windows Security Support Provider Interface Elevation of Privilege Vulnerability...

NorkNork - Powershell Empire Persistence Finder

This script was designed to identify Powershell Empire persistence payloads on Windows systems. It currently supports checks for these persistence methods: Scheduled Tasks Auto-run WMI subscriptions Security Support provider Ease of Access Center backdoors Machine account password disable INSTALL...

MIRcon 2014 – Day 1 Highlights

The first day of MIRcon 2014 is officially done and was packed with thought-provoking keynotes, presentations and a one-of-a-kind reception. While there's too much to fit into this blog post, I wanted to provide you with some of the highlights: FireEye's COO, Kevin Mandia kicked-off MIRcon and wa...

CVE-2001-0016

CVE-2001-0016 concerns the NTLMSSP (NTLM Security Support Provider) service. The LPC request handling bug allows a local user to gain administrator-level privileges by exploiting improper function-number checks, enabling local privilege escalation on affected Windows systems. Reported as MS01-008...