The vulnerability of the VMware Enhanced Authentication Plug-in’s authentication module, related to deficiencies in the authentication process, allows attackers to escalate their privileges.

The vulnerability of the VMware Enhanced Authentication Plug-in EAP is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to enhance their privileges by intercepting Active Directory tickets...

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32434 Apple Multiple Products Integer Overflow Vulnerability CVE-2023-32435 Apple iOS and iPadOS WebKit Memory Corruption Vulnerability CVE-2023-32439 Apple...

Saltstack SaltStack Salt 信任管理问题漏洞

SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to Salt 3002.5, which stems from the fact that...

VMWare Authentication Daemon Version Scanner

This module will identify information about a host through the vmauthd service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Authentication Daemon Version Scanner', 'Description' = %q...

vmauthd-brute NSE Script

Performs brute force password auditing against the VMWare Authentication Daemon vmware-authd. Script Arguments passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library. creds.service, creds.global See the documentation for the creds library...