18 matches found
PT-2026-36342
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the ksmbd component. The smb check perm dacl function fails to properly validate that an Access Control Entry ACE size is sufficient for the structure it...
CVE-2025-48802
CVE-2025-48802 is a Windows SMB Server spoofing vulnerability caused by improper certificate validation, enabling an authorized attacker to spoof over a network. The CVSS 3.1 base vector shows Network access, Low attack complexity, Privileges required: Low, no user interaction, with Impact: confi...
CVE-2025-29956 Windows SMB Information Disclosure Vulnerability
...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.328.3.el7 - IB/cm: Cancel mad on the DREQ event when the state is MRAREPRCVD Mark Zhang Orabug: 36143228 - KSPLICE: make sure the stack is zeroed. Gregory Herrero Orabug: 36154654 - sched/fair: Fix tg-load when offlining a CPU Vincent Guittot Orabug: 36185207 - i2c: core: Fix atomic...
A week in security (October 17 - 23)
Last week on Malwarebytes Labs: Thermal cameras could help reveal your password How to spot a scam Warning: "FaceStealer" iOS and Android apps steal your Facebook login Criminal group busted after stealing hundreds of keyless cars Fake tractor fraudsters plague online transactions DeadBolt...
A week in security (August 31 – September 6)
Last week on Malwarebytes Labs, we dug into security hubris on the Lock and Code podcast, explored ways in which Apple’s notarization process may not be hitting all the right notes, and detailed a new web skimmer. We also explained how to keep distance learners secure, talked about PCI DSS...
July 24, 2017 – Morning Cyber Coffee Headlines – “Shark Week” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! July 24, 2017 - Headlines Carbon Black in the News: Soon, your most important...
Microsoft Windows SMB Security Feature Bypass (MS15-014; CVE-2015-0009)
A security feature bypass vulnerability exists in Microsoft Windows. The vulnerability is due to the way Group Policy settings are applied when SMB signing failures occur. An attacker can exploit this vulnerability by a man-in-the-middle attack that modifies domain controller responses to client...
Nmap NSE 6.01: smb-security-mode
Returns information about the SMB security level determined by SMB. Here is how to interpret the output: User-level authentication: Each user has a separate username/password that is used to log into the system. This is the default setup of pretty much everything these days. Share-level...
Nmap NSE 6.01: smb-security-mode
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE 6.01: p2p-conficker
Checks if a host is infected with Conficker.C or higher, based on Conficker's peer to peer communication. When Conficker.C or higher infects a system, it opens four ports: two TCP and two UDP. The ports are random, but are seeded with the current week and the IP of the infected host. By determini...
Nmap NSE net: smb-security-mode
Returns information about the SMB security level determined by SMB. SYNTAX: smbbasic: Forces the authentication to use basic security, as opposed to 'extended security'. Against most modern systems, extended security should work, but there may be cases where you want to force basic. There's a...
Nmap NSE net: smb-security-mode
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nmap NSE: SMB Security Mode
This script attempts to get information about the SMB security level determined by SMB. This is a wrapper on the Nmap Security Scanner's http://nmap.org smb-security-mode.nse. OpenVAS Vulnerability Test $Id: gbnmapsmbsecuritymode.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap SMB Securi...
Economy, SMB security to dominate at RSA Conference
As a security show, the RSA Conference leaves a lot to be desired. Its technical sessions carry an uncomfortable load of marketing baggage and don’t have either the cachet or entertaining edge of those at Black Hat or CanSecWest. Anyone will tell you that the real business of RSA is happening off...
Mike Mimoso on the RSA Conference, Security Budgets and SMB Security
Dennis Fisher talks with Mike Mimoso, editor of Information Security magazine, about the story lines we’re likely to see at the RSA Conference, including virtualization and cloud security, as well as the effect of the economy on security budgets. Download Subscribe to the Digital Underground...
smb-security-mode NSE Script
Returns information about the SMB security level determined by SMB. Here is how to interpret the output: User-level authentication: Each user has a separate username/password that is used to log into the system. This is the default setup of pretty much everything these days. Share-level...
Hydra: SMB
This plugin runs Hydra to find SMB accounts and passwords by brute force, using the smb2 module. To use this plugin, Hydra must be installed in the same machine as your scanner. To configure the a scan policy to use Hydra, go to 'Assessment Brute Force' and check the 'Always enable Hydra slow'...