Showing 1 - 1 of 1

CVE-2014-1812

Status Candidate

Overview

The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."

Related Files

SMB Group Policy Preference Saved Passwords Enumeration: Posted Sep 1, 2024; Authored by Joshua D. Abraham | Site metasploit.com; This Metasploit module enumerates files from target domain controllers and connects to them via SMB. It then looks for Group Policy Preference XML files containing local/domain user accounts and passwords and decrypts them using Microsofts public AES key. This Metasploit module has been tested successfully on a Win2k8 R2 Domain Controller.; tags | exploit, local; advisories | CVE-2014-1812; SHA-256 | d11f7ba768f710619958ad116091f7900847ba400cd0b93e774ee3e70480841d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 251 files
Ubuntu 59 files
LiquidWorm 28 files
indoushka 20 files
Debian 18 files
Apple 10 files
Google Security Research 5 files
Chokri Hammedi 3 files
Alter Prime 3 files
Emiliano Febbi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,153)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,749)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,187)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,958)
UNIX (9,472)
UnixWare (188)
Windows (6,784)
Other

CVE-2014-1812

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems