17 matches found
CVE-2018-5353
The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a...
CVE-2018-5354
The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated...
CVE-2018-5353
The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a...
Authentication flaw
The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated...
CVE-2018-5353
The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a...
CVE-2018-5354
The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated...
SMBv3 Compression Buffer Overflow
A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe. This module requires Metasploit...
Windows Manage Privilege Based Process Migration
This module will migrate a Meterpreter session based on session privileges. It will do everything it can to migrate, including spawning a new User level process. For sessions with Admin rights: It will try to migrate into a System level process in the following order: ANAME if specified,...
Windows NT 4.0 - Remote Registry Request Dos Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1331/info In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 can crash due to winlogon.exe's inability to process specially malformed remote registry requests. Rebooting...
Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
A kernel pool overflow in Win32k which allows local privilege escalation. The kernel shellcode nulls the ACL for the winlogon.exe process a SYSTEM process. This allows any unprivileged process to freely migrate to winlogon.exe, achieving privilege escalation. Used in pwn2own 2013 by MWR to break...
Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/reflectivedllinjection' require 'rex' class Metasploit3 'Windows NTUserMessageCall Win32k Kernel Pool Overflow...
Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/reflectivedllinjection' require 'rex' class Metasploit3 'Windows NTUserMessageCall Win32k Kernel Pool Overflow...
Talking about the Ring0 privilege of obtain-vulnerability warning-the black bar safety net
Recently been trying to write a program to kill 3 6 0, but encountered a lot of trouble, even if elevated, the 能干 掉 Winlogon.exe 也 干 不 掉 360tray.exe depressed for half a day. Don't know 3 6 0 what weird means. Then find the Find the previous comparison of the bovine X-virus Panda burning incense...
Turn off XP protection. Replace explorer. exe-vulnerability warning-the black bar safety net
Author: open Source: open's blog In the even of a VPC on the test. No more test. Even not call the dllcache directory. You like it Quote: Turn off XP protection. 替换 explorer.exe Copyright C 2 0 0 8 bbs.secdst.net program Project1; uses Windows,TlHelp32; function LowerCaseconst S: string: string;...
Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (1)
Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service 1 // source: https://www.securityfocus.com/bid/1331/info In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 can crash due to winlogon.exe's inability to process specially...
Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (MS00-040) (2)
source: https://www.securityfocus.com/bid/1331/info In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 can crash due to winlogon.exe's inability to process specially malformed remote registry requests. Rebooting the machine would be required in...
nt.screensaver.token.txt
Date: Tue, 9 Mar 1999 12:57:42 -0800 From: Aleph One To: [email protected] Subject: Windows NT Screen Saver Vulnerability Cybermedia Software has found the following vulnerability: Screen Saver vulnerability Description: The Screen Saver is started by Winlogon.Exe whenever the machine is idle...