EUVD-2018-17259

Malware in sbrugna...

KrbRelay - Framework For Kerberos Relaying

Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html This should be working on most fully patched Windows systems. There may ...

Cisco Firepower System Software Detection Engine DoS (cisco-sa-20181003-fp-smb-snort)

According to its self-reported version, Cisco FTD Software is affected by a Denial of Service DoS vulnerability within the Server Message Block Version 2 SMBv2 and Version 3 SMBv3 protocol implementation due to incorrect header validation. An an unauthenticated, remote attacker can cause the devi...

Microsoft Windows Multiple Vulnerabilities (KB4592468)

This host is missing a critical security update according to Microsoft KB4592468 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4593226)

This host is missing a critical security update according to Microsoft KB4593226 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4592471)

This host is missing a critical security update according to Microsoft KB4592471 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4592464)

This host is missing a critical security update according to Microsoft KB4592464 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4592446)

This host is missing a critical security update according to Microsoft KB4592446 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4592449)

This host is missing a critical security update according to Microsoft KB4592449 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4592484)

This host is missing a critical security update according to Microsoft KB4592484 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4592438)

This host is missing a critical security update according to Microsoft KB4592438 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows SMB Server Information Disclosure (CVE-2020-17140)

An information disclosure vulnerability has been reported in the SMBv2 component of Microsoft Windows SMB server. The vulnerability is due to improper handling of SMB2SETINFO messages. A remote, authenticated attacker can exploit this vulnerability by sending crafted SMBv2 messages to the target...

SMBv2 Symlink to Local File Vulnerability

SMBv2 supports symlinks on remote file systems by returning a special status code STATUSSTOPPEDONSYMLINK when a symlink is encountered on the remote share. It also returns a symlink reparse data buffer to be processed to determine where to redirect the request. While this is supported functionali...

SMBv2+ Client Detection

Binary data 700731.prm...

CVE-2019-0630

CVE-2019-0630 is a remote code-execution flaw in the Windows SMBv2 server as described by connected sources. The vulnerability arises in how the SMBv2 server handles certain requests, enabling an attacker to execute arbitrary code on a affected system. The linked 0day page notes no mitigations or...

CVE-2019-0630

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 SMBv2 server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633...

CVE-2019-0633

CVE-2019-0633 describes a remote code-execution vulnerability in the Microsoft Windows SMBv2 server. The SMBv2 service can be triggered by handling certain requests, enabling an attacker to execute arbitrary code on the target system. The CVE is distinct from CVE-2019-0630. Severity is high (NVD ...

CVE-2019-0633

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 SMBv2 server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630...

CVE-2019-0630

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 SMBv2 server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633...

CVE-2019-0633

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 SMBv2 server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630...