{"vulnerability": "CVE-2019-1338", "sightings": [{"uuid": "5b6fce8e-3b3d-46b4-ad80-74894d83b974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1338", "type": "seen", "source": "https://t.me/ExcreamOnSecurity/285", "content": "Drop The MIC 2 (CVE 2019-1166) & Exploiting LMv2 Clients (CVE-2019-1338)\n\nToday, on October 2019 Patch Tuesday, Microsoft released patches for CVE 2019-1166 and CVE-2019-1338, two important vulnerabilities discovered by the Preempt Research Team\n\nhttps://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/\n#ntlm #windows #ad #redteaming", "creation_timestamp": "2019-10-11T19:54:26.000000Z"}, {"uuid": "dcb3e490-a730-49ec-adfb-38b4f776d322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13382", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5990", "content": "https://posts.specterops.io/cve-2019-13382-local-privilege-escalation-in-snagit-abe5f31c349", "creation_timestamp": "2019-07-25T08:40:10.000000Z"}, {"uuid": "40364306-92a8-4510-9e5f-c3e3dd146319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1338", "type": "seen", "source": "https://t.me/information_security_channel/31696", "content": "Microsoft NTLM is the default authentication protocol used on NT 4.0 and earlier Windows versions, now it was replaced with Kerberos ticket-based authentication protocol. Two vulnerabilities CVE 2019-1166 and CVE-2019-1338 discovered in Microsoft NTLM allows attackers to bypass the MIC protection and modify the NTLM message flow along with signing requirement. Microsoft fixed the released [\u2026]\nThe post Microsoft NTLM Vulnerability Let Hackers to Compromise the Network Domain Controller (https://gbhackers.com/microsoft-ntlm/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2019-10-10T02:26:41.000000Z"}, {"uuid": "6f4e6ab5-3239-4a89-ba78-c369989c3ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1338", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/797", "content": "#tools\n#Blue_Team_Techniques\nNTLM Scanner \u2060- tool to check servers/hosts for various known NTLM vulnerabilities over SMB:   CVE-2019-1019, CVE-2019-1040, CVE-2019-1166, CVE-2019-1338...\nhttps://github.com/preempt/ntlm-scanner", "creation_timestamp": "2024-10-10T02:52:34.000000Z"}, {"uuid": "775256d9-367d-4611-bb2a-de3e0373fb7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13382", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/304", "content": "#Threat_Research\n1. Zoom Zero Day: \n4M Webcams/maybe an RCE?\nJust get them to visit your website!..\nhttps://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5\n2. CVE-2019-13382:\nLPE in SnagIt\nhttps://posts.specterops.io/cve-2019-13382-local-privilege-escalation-in-snagit-abe5f31c349", "creation_timestamp": "2022-02-17T10:22:23.000000Z"}]}