Operating System: Windows

Microsoft Windows Kernel nt!NtQueryInformationProcess Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationProcess (ProcessVmCounters).

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8476
MD5 | e0446d1d69749e7ebc54e3c15b6f4e65

Microsoft Windows Kernel nt!NtQueryInformationJobObject Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationJobObject (BasicLimitInformation, ExtendedLimitInformation).

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8485
MD5 | a4c5515d4150d3b050b4df9a68ec2fd2

Microsoft Windows Kernel win32k!ClientPrinterThunk Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!ClientPrinterThunk.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8475
MD5 | 127ce0058e06459ddf1b28b0c2e10f92

Microsoft Windows Kernel DeviceApi Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in DeviceApi (PiDqIrpQueryGetResult, PiDqIrpQueryCreate, PiDqQueryCompletePendedIrp).

tags | advisory, kernel
systems | windows
advisories | CVE-2017-8474
MD5 | 4e4a498ebab54e5dd1890edc3aabd6c7

Microsoft Windows Kernel win32k!NtGdiGetRealizationInfo Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetRealizationInfo.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8473
MD5 | 97b6a6507483eb9c23829ee30a5bc0fc

Microsoft Windows Kernel win32k!NtGdiGetTextMetricsW Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetTextMetricsW.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8472
MD5 | 0c9e8e1e6901f907ee10e8db7b16df58

Microsoft Windows Kernel win32k!NtGdiGetOutlineTextMetricsInternalW Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetOutlineTextMetricsInternalW.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8471
MD5 | 332be683045638ea7d0e8491efbcc3c7

Microsoft Windows Kernel win32k!NtGdiExtGetObjectW Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiExtGetObjectW.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8470
MD5 | bc1f54aab9e54f6d87438b0f1cc4fb8d

Microsoft Windows Kernel nt!KiDispatchException Stack Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in exception handling (nt!KiDispatchException).

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8482
MD5 | 5e4fdb928479ea0235148fe6899fdbfe

Microsoft Windows Kernel Pool nt!NtNotifyChangeDirectoryFile Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in nt!NtNotifyChangeDirectoryFile.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-0299
MD5 | 28bb3b376bd7bcc1394bb07442221b5c

Microsoft Kernel Pool nt!NtQueryVolumeInformationFile Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel pool suffers from a memory disclosure in nt!NtQueryVolumeInformationFile (FileFsVolumeInformation).

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8462
MD5 | 3da3669afce97f78864ec898d82f31e1

Microsoft Windows Kernel Partmgr Pool IOCTL_DISK_GET_DRIVE_LAYOUT_EX Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a partmgr pool memory disclosure vulnerability in the handling of IOCTL_DISK_GET_DRIVE_LAYOUT_EX.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8469
MD5 | 1f9d723b762f9af977602de808734afc

Microsoft Windows Kernel Partmgr Pool IOCTL_DISK_GET_DRIVE_GEOMETRY_EX Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a partmgr pool memory disclosure vulnerability in the handling of IOCTL_DISK_GET_DRIVE_GEOMETRY_EX.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8492
MD5 | aa5c0f3bc7a8857ac395369e3e9b409a

Microsoft Windows Kernel Volmgr Pool Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a volmgr pool memory disclosure vulnerability in the handling of IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8491
MD5 | ad4ed2ce37615d3b18d9c905d9cca90a

Microsoft Windows Kernel Pool win32k!NtGdiEnumFonts Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

Microsoft Windows suffers from a kernel pool memory disclosure vulnerability in win32k!NtGdiEnumFonts.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8490
MD5 | 8cc2616656519a57c040e26058c1ff78

Microsoft Windows Kernel WMIDataDevice Pool Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

Microsoft Windows Kernel has an issue where the handler of the 0x224000 IOCTL (corresponding to the WmiQueryAllData functionality) implemented by the \\.\WMIDataDevice device in ntoskrnl.exe (as dispatched by the nt!WmipIoControl routine) discloses portions of uninitialized pool memory to user-mode clients.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8489
MD5 | 83fbe445919ae11effcd075e5a7ea56b

Microsoft Windows Kernel Mountmgr Pool Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

Microsoft Windows kernel has an issue where the handler of the IOCTL_MOUNTMGR_QUERY_POINTS IOCTL in mountmgr.sys discloses portions of uninitialized pool memory to user-mode clients, due to output structure alignment holes.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8488
MD5 | 29a9f791644d9e16cc64b7a3228c7f92

Microsoft Windows Kernel KsecDD Pool Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The IOCTL sent to the \Device\KsecDD device by the BCryptOpenAlgorithmProvider documented API returns some uninitialized pool memory in the output buffer of the Microsoft Windows kernel.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8489
MD5 | 01d603dfb7dcb74694f84af10f7cb2dc

Microsoft Windows win32k!NtGdiGetOutlineTextMetricsInternalW Memory Disclosure
Posted Jun 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel pool suffers from a memory disclosure due to output structure alignment in win32k!NtGdiGetOutlineTextMetricsInternalW.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-8484
MD5 | 2f2d58f889cb1714929e2b0498a45b03

MySQL G0ld Brute Forcing Utility
Posted Jun 20, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MySQL G0ld is a program that issues brute force attacks against a MySQL Server using a supplied wordlist.

tags | tool, cracker
systems | windows
MD5 | e0087db2fc7abccc98bd40d8d96cf170

Microsoft Security Bulletin Summary For June, 2017
Posted Jun 13, 2017
Site microsoft.com

This bulletin summary lists 81 critical security updates for Microsoft Windows in June, 2017.

tags | advisory
systems | windows
MD5 | d92d5e9e8f6fced481f74fcea483fe87

Windows UAC Protection Bypass (Via FodHelper Registry Key)
Posted Jun 7, 2017
Authored by amaloteaux, winscriptingblog | Site metasploit.com

This Metasploit module will bypass Windows 10 UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows fodhelper.exe application is launched. It will spawn a second shell that has the UAC flag turned off. This Metasploit module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process.

tags | exploit, shell, registry
systems | windows
MD5 | b20812c1abf3d3375be101013cd12af0

EternalBlue Exploit Analysis And Port To Microsoft Windows 10
Posted Jun 7, 2017
Authored by Sean Dillon, Dylan Davis

On April 14, 2017, the Shadow Brokers Group released the FUZZBUNCH framework, an exploitation toolkit for Microsoft Windows. The toolkit was allegedly written by the Equation Group, a highly sophisticated threat actor suspected of being tied to the United States National Security Agency (NSA). The framework included ETERNALBLUE, a remote kernel exploit originally targeting the Server Message Block (SMB) service on Microsoft Windows XP (Server 2003) and Microsoft Windows 7 (Server 2008 R2). In this paper, the RiskSense Cyber Security Research team analyzes how using wrong-sized CPU registers leads to a seemingly innocuous mathematical miscalculation. This causes a chain reaction domino effect ultimately culminating in code execution, making ETERNALBLUE one of the most complex exploits ever written. They will discuss what was necessary to port the exploit to Microsoft Windows 10, and future mitigations Microsoft has already deployed, which can prevent vulnerabilities of this class from being exploited in the future. The FUZZBUNCH version of the exploit contains an Address Space Layout Randomization (ASLR) bypass, and the Microsoft Windows 10 version required an additional Data Execution Prevention (DEP) bypass not needed in the original exploit.

tags | paper, remote, kernel, vulnerability, code execution
systems | windows, xp, 7
MD5 | 0e04e472a5f9e98389f5f1e13ec2bf50

BIND 9.10.5 Unquoted Service Path Privilege Escalation
Posted Jun 5, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

BIND version 9.10.5 for x86 and x64 on Windows suffers from an unquoted service path vulnerability that can allow for privilege escalation.

tags | exploit, x86
systems | windows
advisories | CVE-2017-3141
MD5 | b39267a55a45b5a08939bd042eb975f7

Parallels Desktop 12.2.0 Virtual Machine Escape
Posted Jun 3, 2017
Authored by Mohammad Reza Espargham | Site twitter.com

Parallels Desktop version 12.2.0 and below suffer from a vulnerability that allows remote file sharing to be leveraged against the host operating system for arbitrary code execution.

tags | exploit, remote, arbitrary, code execution
systems | windows, apple, osx
MD5 | 69a4be4fd7692e5549456f998744139a
© 2016 Packet Storm. All rights reserved.
