ZDI-23-689: Canonical ksmbd-tools SAMR Null Pointer Dereference Denial-of-Service Vulnerability

May 17, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Canonical ksmbd-tools. Authentication is not required to exploit this vulnerability.

attackers authentication canonical exploit ksmbd service tools vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-579: Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

apple apple macos arbitrary code attack +20

ZDI-24-578: Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

apple apple macos attackers cves +19

ZDI-24-582: SEW-EURODRIVE MOVITOOLS MotionStudio XML External Entity Processing Information Disclosure Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

cvss disclosure exploit external +13

ZDI-24-581: Microsoft Azure SQL Managed Instance Documentation SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

attackers authentication authentication bypass azure +16

ZDI-24-580: Microsoft Artifact Registry Container Images Empty Password Authentication Bypass Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

artifact attackers authentication authentication bypass +14

ZDI-24-577: Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

access access control apex apex one +24

ZDI-24-576: Trend Micro Maximum Security coreServiceShell Link Following Local Privilege Escalation Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

attacker attackers code cvss +20

ZDI-24-575: Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

attacker attackers code cves +21

ZDI-24-574: Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Privilege Escalation Vulnerability 3 days, 18 hours ago | www.zerodayinitiative.com

attackers authentication cross-site cve +19

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com

all InfoSec news

ZDI-23-689: Canonical ksmbd-tools SAMR Null Pointer Dereference Denial-of-Service Vulnerability

More from www.zerodayinitiative.com / ZDI: Published Advisories

Jobs in InfoSec / Cybersecurity

CyberSOC Technical Lead

Cyber Security Strategy Consultant

Cyber Security Senior Consultant

Senior Security Researcher - Linux MacOS EDR (Cortex)

Sr. Manager, NetSec GTM Programs

SOC Analyst I