4 matches found
SUSE CVE-2021-45100
The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2GLOBALCAPENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol...
CVE-2021-45100
An unexpected, non-encrypted communication flaw in the Linux kernel's ksmbd Samba 3 protocol implementation subsystem was found in the way when user set flag SMB2GLOBALCAPENCRYPTION using the SMB 3.1.1 protocol. If during connection flag SMB2GLOBALCAPENCRYPTION being used by remote user, then for...
Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Buffer Overflow (PoC)
CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48216.zip Usage ./CVE-2020-0796.py servername This script connects to the target host, and compresses the authentication request with a bad offset field set in t...
Microsoft Windows Server Message Block 3.1.1 RCE Vulnerability (KB4551762)
This host is missing a critical security update according to Microsoft KB4551762 Copyright C 2020 Greenbone Networks GmbH Text descriptions are largely excerpted from the rsleferenced advisory, and are Copyright C the respective authors SPDX-License-Identifier: GPL-2.0-or-later This program is fr...