Home Security Researchers Element Home windows Occasion Log Vulnerabilities: LogCrusher and OverLog

Researchers Element Home windows Occasion Log Vulnerabilities: LogCrusher and OverLog

by crpt os


Cybersecurity researchers have disclosed details about a pair of vulnerabilities in Microsoft Windows, one of which could be exploited to result in a denial-of-service (DoS).

The exploits, dubbed LogCrusher and OverLog by Varonis, take aim at the EventLog Remoting Protocol (MS-EVEN), which enables remote access to event logs.

While the former allows “any domain user to remotely crash the Event Log application of any Windows machine,” OverLog causes a DoS by “filling the hard drive space of any Windows machine on the domain,” Dolev Taler said in a report shared with The Hacker News.

OverLog has been assigned the CVE identifier CVE-2022-37981 (CVSS score: 4.3) and was addressed by Microsoft as part of its October Patch Tuesday updates. LogCrusher, however, remains unresolved.

Windows Event Log Vulnerabilities

“The performance can be interrupted and/or reduced, but the attacker cannot fully deny service,” the tech giant said in an advisory for the flaw released earlier this month.

Windows Event Log Vulnerabilities

The issues, according to Varonis, bank on the fact that an attacker can obtain a handle to the legacy Internet Explorer log, effectively setting the stage for attacks that leverage the handle to crash the Event Log on the victim machine and even induce a DoS condition.

CyberSecurity

This is achieved by combining it with another flaw in a log backup function (BackupEventLogW) to repeatedly backup arbitrary logs to a writable folder on the targeted host until the hard drive gets filled.

Microsoft has since remediated the OverLog flaw by restricting access to the Internet Explorer Event Log to local administrators, thereby reducing the potential for misuse.

“While this addresses this particular set of Internet Explorer Event Log exploits, there remains potential for other user-accessible application Event Logs to be similarly leveraged for attacks,” Taler said.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex