Show filters

Showing topic results for "CVE-2020-0796":

(1-3 of 3)

Sort by:
Attacker Value
High

CVE-2020-0796 - SMBGhost

Last updated April 21, 2020
This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in Microsoft SMB Servers. The vulnerability is due to an error when the vulnerable software handles a maliciously crafted compressed data packet. A remote, unauthenticated attacker can exploit this to execute arbitrary code within the context of the application.
Utility Class: RCE
1
Attacker Value
High

CVE-2020-1206 Windows SMBv3 Client/Server Information Disclosure Vulnerability

Disclosure Date: June 09, 2020 (last updated June 13, 2020)
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.
Attack Vector: Network Utility Class: Info Leak
1
Attacker Value
Moderate

CVE-2020-1292 OpenSSH for Windows Elevation of Privilege Vulnerability

Disclosure Date: June 09, 2020 (last updated June 16, 2020)
An elevation of privilege vulnerability exists in OpenSSH for Windows when it does not properly restrict access to configuration settings. An attacker who successfully exploited this vulnerability could replace the shell with a malicious binary. To exploit this vulnerability, an authenticated attacker would need to modify the OpenSSH for Windows configuration on a vulnerable system. The attacker would then need to convince a user to connect to the vulnerable OpenSSH for Windows server. The update addresses the vulnerability by restricting access to OpenSSH for Windows configuration settings.
Attack Vector: Local
1