CVSS: 7.8EPSS: 30%CPEs: 2EXPL: 2CVE-2017-8461 – Microsoft Windows RRAS Service MIBEntryGet Overflow
https://notcve.org/view.php?id=CVE-2017-8461
Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution Vulnerability." Fue encontrada una Vulnerabilidad en Windows RPC con enrutamiento y acceso remoto habilitado en Windows XP y Windows Server 2003 permite a un atacante ejecutar código en un servidor RPC de destino que tiene habilitado el enrutamiento y acceso remoto por medio de una aplicación especialmente creada, también se conoce como "Windows RPC Remote Code Execution Vulnerability". • http://packetstormsecurity.com/files/161672/Microsoft-Windows-RRAS-Service-MIBEntryGet-Overflow.html http://www.securityfocus.com/bid/99012 http://www.securitytracker.com/id/1038701 https://support.microsoft.com/en-us/help/4024323/security-update-of-windows-xp-and-windows-server-2003 https://www.securitytracker.com/id/1038701 https://github.com/x0rz/EQGRP_Lost_in_Translation/blob/master/windows/exploits/Erraticgopher-1.0.1.0.xml https://support.microsoft.com/en-us/topic/microsoft-security-advisory-4025 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 97%CPEs: 2EXPL: 11CVE-2017-7269 – Microsoft Windows Server Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2017-7269
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. Desbordamiento de búfer en la función ScStoragePathFromUrl en el servicio WebDAV en Internet Information Services (IIS) 6.0 en Microsoft Windows Server 2003 R2 permite a atacantes remotos ejecutar código arbitrario a través de una cabecera larga comenzando con "If: Microsoft IIS version 6.0 suffers from a WebDAV ScStoragePathFromUrl buffer overflow vulnerability. Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 which allows remote attackers to execute code via a long header beginning with "If: <http://" in a PROPFIND request. • https://www.exploit-db.com/exploits/41992 https://www.exploit-db.com/exploits/41738 https://github.com/g0rx/iis6-exploit-2017-CVE-2017-7269 https://github.com/lcatro/CVE-2017-7269-Echo-PoC https://github.com/Al1ex/CVE-2017-7269 https://github.com/caicai1355/CVE-2017-7269-exploit https://github.com/N3rdyN3xus/CVE-2017-7269 https://github.com/VanishedPeople/CVE-2017-7269 https://github.com/denchief1/CVE-2017-7269 https://github.com/Cappricio-Securities/CVE-2017-7269 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 0CVE-2015-2363
https://notcve.org/view.php?id=CVE-2015-2363
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." Win32k.sys en los controladores de modo kernel en Microsoft Windows Server 2003 SP2 y R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2013, y Windows RT permite a usuarios locales escalar privilegios a través de una aplicación manipulada, también conocida como “Vulnerabilidad de Escalada de Privilegios en Win32k.” • http://www.securitytracker.com/id/1032904 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-073 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.1EPSS: 0%CPEs: 14EXPL: 0CVE-2015-2367 – Microsoft Windows NtUserDisableProcessWindowFiltering Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-2367
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from uninitialized kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability." Win32k.sys en los controladores de modo kernel en Microsoft Windows Server 2003 SP2 y R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold and 8.1 permite a usuarios locales obtener informacion sensible de la memoria no inicializada del kernel a través de una aplicación manipulada, también conocida como “Vulnerabilidad de Revelación de informacion en Win32k.” This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the NtUserDisableProcessWindowFiltering function. The issue lies in the failure to sanitize a stack variable before returning it to the user. • http://www.securitytracker.com/id/1032904 http://www.zerodayinitiative.com/advisories/ZDI-15-536 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-073 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 14EXPL: 1CVE-2015-2370 – Microsoft Windows 8.1 - DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)
https://notcve.org/view.php?id=CVE-2015-2370
The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability." La implementación de autenticación en el sub-sistema RPC en Microsoft Windows Server 2003 SP2 y R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, y Windows RT Gold y 8.1 no previene DCE/RPC connection reflection, lo que permite a usuarios locales obtener privilegios través de una aplicación específicamente diseñada para este fin, error conocido como 'Windows RPC Elevation of Privilege Vulnerability.' • https://www.exploit-db.com/exploits/37768 http://www.securitytracker.com/id/1032907 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-076 • CWE-264: Permissions, Privileges, and Access Controls •