All Hot News World. Public world blog, journal online reviewed.

Windows Operating System, PacketStorm Security

RSS feed: Windows Operating System, PacketStorm Security
Thu, 13 Dec 2018 04:46:42 GMT
Operating System: Windows ≈ Packet Storm
Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers [ + ]
Tue, 11 Dec 2018 16:31:54 GMT
WebDAV Server Serving DLL
This Metasploit module simplifies the rundll32.exe Application Whitelisting Bypass technique. The module creates a webdav server that hosts a dll file. When the user types the provided rundll32 command on a system, rundll32 will load the dll remotely and execute the provided export function. The export function needs to be valid, but the default meterpreter function can be anything. The process does write the dll to C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV but does not load the dll from that location. This file should be removed after execution. The extension can be anything you'd like, but you don't have to use one. Two files will be written to disk. One named the requested name and one with a dll extension attached. [ + ]
Tue, 11 Dec 2018 16:28:02 GMT
CyberLink LabelPrint 2.5 Stack Buffer Overflow
This Metasploit module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and below. The vulnerability is triggered when opening a .lpp project file containing overly long string characters via open file menu. This results in overwriting a structured exception handler record and take over the application. This Metasploit module has been tested on Windows 7 (64 bit), Windows 8.1 (64 bit), and Windows 10 (64 bit). [ + ]
Thu, 06 Dec 2018 18:56:47 GMT
McAfee True Key 5.1.173.1 Privilege Escalation
McAfee True Key version 5.1.173.1 on Windows 10 1809 has multiple issues in the implementation of the McAfee.TrueKey.Service which can result in privilege escalation through executing arbitrary processes or deleting files and directories. [ + ]
Thu, 06 Dec 2018 18:56:38 GMT
Apple Security Advisory 2018-12-05-5
Apple Security Advisory 2018-12-05-5 - iTunes 12.9.2 for Windows is now available and addresses code execution vulnerabilities. [ + ]
Fri, 30 Nov 2018 15:12:08 GMT
Apple Security Advisory 2018-12-05-6
Apple Security Advisory 2018-12-05-6 - iCloud for Windows 7.9 is now available and addresses code execution vulnerabilities. [ + ]
Fri, 30 Nov 2018 15:07:52 GMT
Microsoft VBScript rtFilter Out-Of-Bounds Read
There is an out-of-bounds vulnerability in Microsoft VBScript in rtFilter. The vulnerability has been confirmed in Internet Explorer on Windows 7 with the latest patches applied. [ + ]
Thu, 29 Nov 2018 02:32:44 GMT
Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free
There is a use-after-free vulnerability in Microsoft VBScript. The vulnerability has been confirmed in Internet Explorer on Windows 7 with the latest patches applied. There are possibly two vulnerabilities triggerable by the same proof of concept included. [ + ]
Wed, 28 Nov 2018 17:49:13 GMT
Wireshark Analyzer 2.6.5
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. [ + ]
Tue, 20 Nov 2018 16:13:36 GMT
Cisco WebEx Meetings Privilege Escalation
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. This vulnerability is related to a previous security issue fixed by Cisco in October. Affected versions include Cisco Webex Meetings Desktop App releases prior to 33.6.4 and Cisco Webex Productivity Tools releases 32.6.0 and later prior to 33.0.6. [ + ]
Tue, 20 Nov 2018 16:12:14 GMT
Microsoft Windows Unnamed Kernel Object Privilege Escalation
Microsoft Windows 10 1803 and 1809 have an issue with unnamed kernel object creation. It's possible to default the security descriptor owner or mandatory label to the value from an Identification level impersonation token leading to elevation of privilege. [ + ]
Tue, 20 Nov 2018 01:15:37 GMT
Microsoft Windows DfMarshal Unsafe Unmarshaling Privilege Escalation
Microsoft Windows 10 1803 suffers from a DfMarshal unsafe unmarshaling elevation of privilege vulnerability. [ + ]
Fri, 16 Nov 2018 21:01:26 GMT
Ricoh myPrint Hardcoded Credentials / Information Disclosure
Ricoh myPrint suffers from hardcoded application credential and information disclosure vulnerabilities. The myPrint windows client version 2.9.2.4 and myPrint android client version 2.2.7 are both affected. [ + ]
Wed, 14 Nov 2018 02:09:36 GMT
Intel Rapid Storage Technology User Interface And Driver 15.9.0.1015 DLL Hijacking
Intel Rapid Storage Technology User Interface and Driver version 15.9.0.1015 suffers from a dll hijacking vulnerability. [ + ]
Fri, 09 Nov 2018 17:59:24 GMT
SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle
SwitchVPN for MacOS and Windows version 2.1012.03 suffers from a man-in-the-middle vulnerability. [ + ]
Fri, 09 Nov 2018 17:49:43 GMT
Web-Based Firewall Logging Tool 1.1.1
Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target. [ + ]
Fri, 09 Nov 2018 17:45:53 GMT
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. Cisco Immunet versions prior to 6.2.0 and Cisco AMP For Endpoints version 6.2.0 are affected. [ + ]
Thu, 01 Nov 2018 16:24:52 GMT
Microsoft Windows 10 Build 17134 Local Privilege Escalation
Microsoft Windows 10 Build 17134 local privilege escalation exploit with UAC bypass. [ + ]
Wed, 31 Oct 2018 16:10:39 GMT
Sourcetree Git Arbitrary Code Execution
An attacker can exploit the embedded version of Git used in Sourcetree if they can commit to a Git repository linked in Sourcetree. This allows them to execute arbitrary code on systems running a vulnerable version of Sourcetree for macOS. Versions of Sourcetree for macOS starting with version 1.02b before version 3.0.0 are affected by this vulnerability. Versions of Sourcetree for Windows starting with version 0.5.1.0 before version 3.0.0 are affected by this vulnerability. [ + ]
Wed, 31 Oct 2018 16:10:29 GMT
Apple Security Advisory 2018-10-30-12
Apple Security Advisory 2018-10-30-12 - iCloud for Windows 7.7 addresses code execution vulnerabilities. [ + ]
Wed, 31 Oct 2018 15:55:08 GMT
Apple Security Advisory 2018-10-30-13
Apple Security Advisory 2018-10-30-13 - iTunes 12.9 for Windows addresses code execution vulnerabilities. [ + ]
Wed, 31 Oct 2018 00:42:05 GMT
Apple Security Advisory 2018-10-30-7
Apple Security Advisory 2018-10-30-7 - iCloud for Windows 7.8 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities. [ + ]
Tue, 30 Oct 2018 17:44:24 GMT
R 3.4.4 (Windows 10 x64) Buffer Overflow
R version 3.4.4 (Windows 10 x64) buffer overflow exploit with DEP and ASLR bypass. [ + ]
Tue, 30 Oct 2018 10:11:11 GMT
Windows/x64 Remote Bind TCP Keylogger Shellcode
864 bytes small Windows/x64 logger shellcode. [ + ]
Wed, 24 Oct 2018 23:43:09 GMT
Microsoft Windows 10 User Sessions Stuck
This exploit modifies a windows language registry key which causes some windows binaries to stick, including login which makes the session unusable. The key is in HKCU and can be modified without admin rights, but with a bypass UAC, all user sessions can be paralyzed by using reg.exe and user's NTUSER.DAT. [ + ]

WebEx Local Service Permissions Code Execution
This Metasploit module exploits a flaw in the 'webexservice' Windows service, which runs as SYSTEM, can be used to run arbitrary commands locally, and can be started by limited users in default installations. [ + ]
PacketStorm Security

Booking.com B.V. is based in Amsterdam in the Netherlands. Ready for some statistics? Our 1,534,024 properties, including 860,482 holiday rentals, are located in 123,105 destinations in 229 countries and territories, and are supported internationally by 198 offices in 70 countries.
2013 Copyright Techhap.com Mobile version 2015 | PeterLife & company
Skimlinks helps publishers monetize editorial content through automated affiliate links for products. Affiliate programm.
Link at is mandatory if site materials are using fully or particulary.
Were treated to the site administrator, a cup of coffee *https://paypal.me/peterlife
Yandex.ru