313 matches found
CVE-2015-4408
Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service service interruption via a crafted HTTP request, aka the ISAPI issue...
CVE-2015-4408
The CVE-2015-4408 issue affects Hikvision NVR models DS-76xxNI-E1/2 and DS-77xxxNI-E4 prior to version 3.4.0. A buffer overflow in the ISAPI HTTP handling allows remote authenticated users to cause a denial of service (service interruption) by sending a crafted HTTP request. Impact is specificall...
Apache Tomcat JK ISAPI Connector Buffer Overflow Vulnerability
Apache Tomcat JK ISAPI Connector is a module for Apache or IIS to connect to the backend Tomcat , which supports clustering and load balancing and so on. A buffer overflow vulnerability exists in Apache Tomcat JK ISAPI Connector, which allows remote attackers to send specially crafted URIs to the...
Microsoft IIS 5.0 ISAPI Internet Printing Protocol Extension Buffer Overflow - ver 2 (CVE-2001-0241)
A buffer overflow in this extension IIS 5.0 can permit remote attackers to execute arbitrary code on the web server with the same privileges as the web server. The ISAPI .printer extension permits the submitting and controlling of print jobs over HTTP. There exists an unchecked buffer in the Host...
Ipswitch MOVEit DMZ MOVEitISAPI Information Disclosure Vulnerability
Ipswitch MOVEit is an automated file transfer system from Ipswitch USA. DMZ and Mobile are among the versions. Ipswitch MOVEit A security vulnerability exists in the MOVEitISAPI service of DMZ due to the sending of different error messages based on the presence or absence of a FileID. A remote...
Microsoft IIS 5.0 ISAPI Internet Printing Protocol Extension Buffer Overflow - Ver2 (CVE-2001-0241)
A buffer overflow in this extension IIS 5.0 can permit remote attackers to execute arbitrary code on the web server with the same privileges as the web server. The ISAPI .printer extension permits the submitting and controlling of print jobs over HTTP. There exists an unchecked buffer in the Host...
Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes...
MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (4)
No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...
Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow
No description provided by source. $Id: ms03022nsiislogpost.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
Microsoft IIS 4.0 ISAPI Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1911/info The ASP ISAPI file parser does not properly execute certain malformed ASP files that contain scripts with the LANGUAGE parameter containing a buffer of over 2200 characters and have the RUNAT value set as...
MS Windows 2000 sp1/sp2 isapi - .printer Extension Overflow Exploit (2)
No description provided by source. / IIS 5 remote .printer overflow. jill.c don't ask. by: dark spyrit [email protected] respect to eeye for finding this one - nice work. shouts to halvar, neofight and the beavuh bitchez. this exploit overwrites an exception frame to control eip and get to our...
Pi3Web <= 2.0.3 (ISAPI) Remote Denial of Service Exploit
No description provided by source. Pi3Web ISAPI DoS vulnerability Discovered by: Hamid Ebadi CSIRT Team Member Amirkabir University CSIRT Laboratory APA Laboratory [email protected] Introduction Pi3Web is a free, multithreaded, highly configurable and extensible HTTP server and development...
NT IIS4 Remote Web-Based Administration Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/189/info Web-based administration for IIS 4.0 is, by default, limited to the local loopback address, 127.0.0.1. In instances where IIS4.0 was installed as an upgrade to IIS 2.0 or 3.0, a legacy ISAPI DLL ISM.DLL is left i...
FoxWeb 2.5 PATH_INFO Remote Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8547/info FoxWeb is prone to a remotely exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of user-supplied PATHINFO data to the Foxweb CGI and ISAPI extension. Successful exploitation...
Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes...
Microsoft IIS Phone Book Service Overflow
No description provided by source. $Id: ms00094pbserver.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Xeneo Web Server 2.2.9 - Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7398/info Xeneo web server has been reported prone to denial of service vulnerability. It has been reported that a specifically crafted HTTP GET request containing over 4096 bytes of data will trigger this vulnerability...
Microsoft SQL Server 2000 SQLXML Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication...
Microsoft IIS 4.0 .HTR Path Overflow
No description provided by source. $Id: ms02018htr.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft IIS 2.0/3.0/4.0 ISAPI GetExtensionVersion() Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/501/info IIS and potentially other NT web servers have a vulnerability that could allow arbitrary code to be run as SYSTEM. This works because of the way the server calls the GetExtensionVersion function the first time an...