The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows vista |
||
microsoft windows server 2008 - |
||
microsoft windows server 2012 r2 |
||
microsoft windows 8 - |
||
microsoft windows 8.1 - |
||
microsoft windows server 2008 r2 |
||
microsoft windows 7 - |
||
microsoft windows rt 8.1 - |
||
microsoft windows rt - |
||
microsoft windows 2003 server |
||
microsoft windows 2003 server r2 |
||
microsoft windows server 2012 - |
Pastebin is for old hats. Cool black hats use Twitter now
Hackers collectively tripled the production of Proof-of-Concept exploits last year, according to a new study out on Thursday. Researchers and black hats develop proof-of-concept (PoC) exploits for research or demonstration purposes. These PoCs are developed for a various reasons – to demonstrate that software is vulnerable, force a company to develop a critical patch, showcase skills, or, in the most malicious cases, claim ownership of a working exploit that can run on real-world targets. More...