Posts Tagged ‘microsoft’

Microsoft Windows MS17-010 SMB Remote Code Execution

This Metasploit module uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is “STATUS_INSUFF_SERVER_RESOURCES”, the machine does not have the MS17-010 patch. This Metasploit module does not require valid SMB credentials in default server […]

EXPLODINGCAN 2.0.2 Microsoft IIS 6 Exploit

EXPLODINGCAN is an exploit for Microsoft IIS 6 that leverages WebDAV and works on 2003 only. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from a team known as the “Equation Group”, however, there is no author data available in this content. […]

Microsoft Windows Kernel NtGdiGetDIBitsInternal Memory Disclosure / DoS

Multiple bugs have been discovered in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool memory disclosure or denial of service. Under certain circumstances, memory corruption could also be possible. Source: Microsoft Windows Kernel NtGdiGetDIBitsInternal […]