32 matches found
USN-8306-1: Samba vulnerabilities
Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access checks on reparse point operations. An attacker could possibly use this issue to modify reparse point extended attributes on files that should have been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS...
PT-2026-43436
Name of the Vulnerable Software and Affected Versions Samba affected versions not specified Description A flaw exists in the handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users who possess underlying filesyst...
EUVD-2008-1455
Malware in sbrugna...
Microsoft WINS Service Memory Overwrite
No description provided by source. $Id: ms04045wins.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft WINS Service <= 5.2.3790.4520 Memory Corruption
No description provided by source. Luigi Auriemma Application: Microsoft WINS service http://www.microsoft.com Versions: = 5.2.3790.4520 Platforms: Windows Bug: arbitrary memory corruption Exploitation: remote, versus server Date: found 21 Oct 2010 patched 10 May 2011 advisory 13 Sep 2011 Author:...
Advisory for MS11-035 / ZDI-11-167
Luigi Auriemma Application: Microsoft WINS service http://www.microsoft.com Versions: = 5.2.3790.4520 Platforms: Windows Bug: arbitrary memory corruption Exploitation: remote, versus server Date: found 21 Oct 2010 patched 10 May 2011 advisory 13 Sep 2011 Author: Luigi Auriemma e-mail:...
Microsoft WINS Service 5.2.3790.4520 Memory Corruption
Luigi Auriemma Application: Microsoft WINS service http://www.microsoft.com Versions: = 5.2.3790.4520 Platforms: Windows Bug: arbitrary memory corruption Exploitation: remote, versus server Date: found 21 Oct 2010 patched 10 May 2011 advisory 13 Sep 2011 Author: Luigi Auriemma e-mail:...
Microsoft WINS Service 5.2.3790.4520 - Memory Corruption (MS11-035)
Microsoft WINS Service 5.2.3790.4520 - Memory Corruption MS11-035 Luigi Auriemma Application: Microsoft WINS service http://www.microsoft.com Versions: = 5.2.3790.4520 Platforms: Windows Bug: arbitrary memory corruption Exploitation: remote, versus server Date: found 21 Oct 2010 patched 10 May 20...
Microsoft WINS Service 5.2.3790.4520 - Memory Corruption (MS11-035)
Luigi Auriemma Application: Microsoft WINS service http://www.microsoft.com Versions: = 5.2.3790.4520 Platforms: Windows Bug: arbitrary memory corruption Exploitation: remote, versus server Date: found 21 Oct 2010 patched 10 May 2011 advisory 13 Sep 2011 Author: Luigi Auriemma e-mail:...
MS WINS ECommEndDlg Input Validation Error
Core Security - Corelabs Advisory MS WINS ECommEndDlg Input Validation Error 1. Advisory Information Title: MS WINS ECommEndDlg Input Validation Error Advisory ID: CORE-2011-0526 Advisory URL: http://www.coresecurity.com/content/ms-wins-ecommenddlg-input-validation Date published: 2011-09-12 Date...
ZDI-11-167: Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability
ZDI-11-167: Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-167 May 10, 2011 -- CVE ID: CVE-2011-1248 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Microsoft -- Affected Products:...
Microsoft Windows Internet Name Service (WINS)失败响应远程代码执行漏洞
Bugtraq ID: 47730 Microsoft Windows是一款微软发行的操作系统。 Microsoft Windows 2003 Server分发的wins.exe服务存在缺陷。此服务设计用于解析NetBIOS请求,并接收42端口的连接,当处理套接字发送异常时存在一个逻辑错误,部分用户提供的值会遗留在栈帧中,并在其他上下文中重用。远程攻击者可以利用这个缺陷调用LeaveCriticalSection,并在一个可控的位置上进行操作。这个条件可导致远程代码在SYSTEM用户上下文执行。 Microsoft Windows Server 2003 Datacenter Editi...
ZDI-11-167: Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability
ZDI-11-167: Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-167 May 10, 2011 -- CVE ID: CVE-2011-1248 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Microsoft -- Affected Products:...
Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Internet Name Service WINS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wins.exe service distributed with Microsoft Windows...
Microsoft WINS - Service Memory Overwrite (MS04-045) (Metasploit)
$Id: ms04045wins.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Microsoft WINS Service Memory Overwrite
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft WI...
Microsoft Windows WINS Service Heap Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WINS.exe process which provides name resolution services for NetBIOS networks...
Cold shoulder Wins remote overflow vulnerability-vulnerability warning-the black bar safety net
About this vulnerability Description, The comparison of the official DESCRIPTION is this: the WINS service support a so-called“WINS replication”feature, a different the WINS server can rely on this feature to exchange information. WINS replication is listening on TCP 4 2 port standard on the WINS...
Microsoft Windows WINS service local elevation of privilege vulnerability-vulnerability warning-the black bar safety net
Source: IT Lab Microsoft Windows is Microsoft released the very popularoperating system. In Windows, the WINS service does not adequately validate specially crafted WINS network packets within the data structure, may allow a local attacker to use elevated permissions to run the code. Release date...
Microsoft Windows WINS服务本地权限提升漏洞(MS08-034)
BUGTRAQ ID: 29588 CVECAN ID: CVE-2008-1451 Microsoft Windows是微软发布的非常流行的操作系统。 Windows中的WINS服务没有充分验证特制WINS网络报文内的数据结构,可能允许本地攻击者使用提升的权限运行代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。随后,攻击者可以安装程序;查看、更改或删除数据;或者创建新帐户。 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows 2000SP4 Microsoft...