Important: Red Hat Security Advisory: Ansible security and bug fix update (2.7.17)

An update for ansible is now available for Ansible Engine 2.7 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)

An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Pillaging AWS ECS Task Definitions for Hardcoded Secrets

The post Pillaging AWS ECS Task Definitions for Hardcoded Secrets appeared first on Rhino Security Labs...

tater

It is an offensive tool for Windows Privilege Escalation. The tool is called Tater, a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit. The target product/service or framework is Windows, and the vulnerability class/vector is Privilege Escalation. The probable entr...

Unspecified Vulnerability in Z-Cron

Z-Cron is a scheduled task scheduler. The program supports timed startup or exit of programs in Windows. An unspecified vulnerability exists in Z-Cron that stems from incorrect access control. An attacker can exploit the vulnerability by modifying tasks for an elevated privilege user to elevate...

CVE-2020-11799

Z-Cron 5.6 Build 04 allows an unprivileged attacker to elevate privileges by modifying a privileged user's task. This can also affect all users who are signed in on the system if a shell is placed in a location that other unprivileged users have access to...

Use after free

Z-Cron 5.6 Build 04 allows an unprivileged attacker to elevate privileges by modifying a privileged user's task. This can also affect all users who are signed in on the system if a shell is placed in a location that other unprivileged users have access to...

CVE-2020-0936

An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'...

CVE-2020-0936

An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'...

Privilege escalation

An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'...

CVE-2020-0936

An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'...

CVE-2020-0936

CVE-2020-0936 is an Elevation of Privilege vulnerability in Windows/Windows Server caused by a Windows Scheduled Task that fails to properly handle file redirections. CNVD-2020-32583 describes the root cause as improper file redirection handling in the scheduled task, enabling an authenticated at...

Cumulative Update 41 for Microsoft Dynamics NAV 2017 (Build 30219)

Cumulative Update 41 for Microsoft Dynamics NAV 2017 Build 30219 This article applies to Microsoft Dynamics NAV 2017 for all countries and all language locales. An information disclosure vulnerability exists if Microsoft Dynamics Business Central/NAV on-premises does not correctly hide the value ...

Description of the security update for Project 2016: April 14, 2020

Description of the security update for Project 2016: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists if Microsoft Office incorrectly loads arbitrary type libraries. To learn more about the vulnerability, see Microsoft Common Vulnerabilities a...

Windows Scheduled Task Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections. An attacker who successfully exploited this vulnerability could delete a targeted file they would not have permissions to. To exploit this vulnerability, an attacker would first have...

KB4550971: Windows Server 2012 April 2020 Security Update

The remote Windows host is missing security update 4550971 or cumulative update 4550917. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections. An attacker who successfully...

MS15-028: Vulnerability in Windows Task Scheduler could allow security feature bypass: March 10, 2015

MS15-028: Vulnerability in Windows Task Scheduler could allow security feature bypass: March 10, 2015 Summary This security update resolves a privately reported vulnerability in Windows. This vulnerability could allow users who have limited rights on an affected system to use Task Scheduler to...

MS15-116: Description of the security update for Project 2013: November 10, 2015

MS15-116: Description of the security update for Project 2013: November 10, 2015 Summary This security update resolves vulnerabilities in Microsoft Project 2013 that could allow remote code execution if a user opens a specially crafted Microsoft Office file. To learn more about these...

Audix - A PowerShell Tool To Quickly Configure The Windows Event Audit Policies For Security Monitoring

Audix will allow for the SIMPLE configuration of Windows Event Audit Policies. Window's Audit Policies are restricted by default. This means that for Incident Responders, Blue Teamers, CISO's & people looking to monitor their environment through use of Windows Event Logs, must configure the audit...

Improvements for the System Update Readiness Tool in Windows 7 and Windows Server 2008 R2

Improvements for the System Update Readiness Tool in Windows 7 and Windows Server 2008 R2 About the System Update Readiness Tool The System Update Readiness Tool can help fix problems that might prevent Windows updates and service packs from installing. For more information and how to download th...