Red Hat Security Advisory 2023-4777-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a privilege escalation vulnerability.
e3586307d9a12ad56bbfa481583a15200c83e2007de29ed23bd6d9ccd486dd0eWireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
16663585c0ffefd5593a6628d4a20cc8241b9703b11283cfe71ead2b750888c8This paper focuses on using Windows APIs to exploit and bypass modern day defense systems. The idea here is to understand the approach of how a modern day threat adversary would definitely help blue teamers to improve their defense mechanism. This article is useful for both blue and red teamers.
a08987a70023a852cfeef5c85e21b3ba9fa78f1aa30066467583fa799fdca5e3OutSystems Service Studio version 11.53.30 suffers from a dll hijacking vulnerability.
a77f3edb50d1e6d881a2ff4679d75b1fbc5bc424de1e7da54048c4da8ca7768aThe Microsoft Windows Kernel CmDeleteLayeredKey may delete predefined tombstone keys, leading to security descriptor use-after-free.
a393bdd205b55a25a4010667d7d283c1bd373af4b7bb30a36f33608cf1edeb3fThe Microsoft Windows Kernel may reference rolled-back transacted keys through differencing hives.
b39149935b26f2a93874ead5ff16c8bafcc4acc7b2b341ba68ed2751bb86aa82The Microsoft Windows Kernel may reference unbacked layered keys through registry virtualization.
7b5280c111b616102ccc14ddef413c7f8bbeeb1ba04df2aa047b88bdfe97d452There is a Microsoft Windows Kernel arbitrary read that can be performed by accessing predefined keys through differencing hives.
492807027a3cf7a8d886110c04d56bed4abbb83ec85e31ab445e48ddc7826fceRed Hat Security Advisory 2023-4488-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.
252acb6439c37d57d435d183f3aa4787523afbcaecc3e6fbfba5f267fd67ba49An issue in Diebold Nixdorf Vynamic View Console versions 5.3.1 and below allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature.
e8ca12d6b8563b69ab66a6e4e43f64fa33eef9148ba6d2ac5f95576df569a4e6169 bytes small Windows/x64 PIC NULL-free calc.exec shellcode.
4d8ef778b3fa4d33d047bc1cf28b30c55e64f1c18779fd433649fe60f5ea0befRed Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.
4d219381d45e2edd902db35713860843b101bbb38f67cf23777473567adc345eRed Hat Security Advisory 2023-4212-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an integer overflow vulnerability.
502e14cf3d84e4253ead1d3fb32ef25a6a9663af4db4f8c17b3a4f77d11f1376Red Hat Security Advisory 2023-4161-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.
b4743a1f577fb5ee07e16a414faf65145a78773fd4180e08bc70413700126f1aRed Hat Security Advisory 2023-4025-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a bypass vulnerability.
44df9bd2f76286c5413fd65a278a9ce79e084219d6e99cacaf86f41a1b126c63Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
a79f7b04cbff823e30452abf4bcb86773d8583eb62d5f71f16c09f019f8a8777326 bytes small Windows/x64 add administrative user dynamic PEB and EDT method shellcode.
ce836880761cfda2559a206f8a4eddd7cafbcbfe3f946cceb11b3d189d914798Microsoft Microsoft Windows 11 version 22h2 suffers from a kernel privilege escalation vulnerability.
be4c5e79f9cf0b40f7b8ba9b4538a14f5731f19051d96808d39f4233d0d4064dThis proof of concept abuses an SQL injection vulnerability in MOVEit to obtain a sysadmin API access token and then use that access to abuse a deserialization call to obtain remote code execution. This proof of concept needs to reach out to an Identity Provider endpoint which hosts proper RS256 certificates used to forge arbitrary user tokens - by default this POC uses horizon3ai's IDP endpoint hosted in AWS. By default, the exploit will write a file to C:\Windows\Temp\message.txt. Alternative payloads can be generated by using the ysoserial.net project.
891c1c3067e64d2916aec314b0195ba65fbc31db8570faee1f1fc3f6b4a366d9This python script mints a .ps1 file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. This is an updated exploit to work with Python3.
4213f6f37e107f80de8ae921a759ed1c060b04954405f63904e79423474d16caMicrosoft's HVCIScan binary suffers from a dll hijacking vulnerability.
865ceea55981bfe42ef02662844aae4e83d864301172df9484458a4ffd66687fWireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
0079097a1b17ebc7250a73563f984c13327dac5016b7d53165810fbcca4bd884Hubstaff version 1.6.14-61e5e22e suffers from a DLL hijacking vulnerability.
bb6183cbbbf93e7cdd9260e520ff6659d0338e17fcde70b1ff8208dfabc97c36Red Hat Security Advisory 2023-2851-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
f0379894be6666fb53be81f0b55090e4710e35af72a8be9b1039e7b2dbfe5ce8The Windows kernel suffers from out-of-bounds read vulnerabilities when operating on invalid registry paths in CmpDoReDoCreateKey / CmpDoReOpenTransKey.
76ec9aa7a319065af82cafdd465533228021c8f1589b7dfe874c3ed0033910d0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed