[Full-disclosure] Lomtec ActiveWeb Professional 3.0 CMS Allows Arbitrary File Upload and Execution as SYSTEM in ColdFusion (2010-WEB-002) (CERT VU#528212)

2011-01-26 Thread StenoPlasma @ www.ExploitDevelopment.com
- www.ExploitDevelopment.com 2010-WEB-002 (CERT VU#870532) (Security Focus BID 45985) - TITLE: Lomtec ActiveWeb Professional 3.0 C

Re: [Full-disclosure] Flaw in Microsoft Domain Account Caching Allows Local Workstation Admins to Temporarily Escalate Privileges and Login as Cached Domain Admin Accounts (2010-M$-002)

2010-12-13 Thread StenoPlasma @ www.ExploitDevelopment.com
>>vulnerability is problematic for shops that differentiate between >>>desktop support and AD support. >>> >>> >>>George Carlson >>>Sr. Network Engineer >>>(804) 423-7430 >>> >>> >>>-Original Message- >

[Full-disclosure] Flaw in Microsoft Domain Account Caching Allows Local Workstation Admins to Temporarily Escalate Privileges and Login as Cached Domain Admin Accounts (2010-M$-002)

2010-12-09 Thread StenoPlasma @ www.ExploitDevelopment.com
-- www.ExploitDevelopment.com 2010-M$-002 -- TITLE: Flaw in Microsoft Domain Account Caching Allows Local Workstation Admins to Temporarily Escalate Privi