128 matches found
EUVD-2005-0546
Malware in sbrugna...
MS08-037: Description of the security update for DNS in Windows Server 2003, in Windows XP, and in Windows 2000 Server (client side): July 8, 2008
MS08-037: Description of the security update for DNS in Windows Server 2003, in Windows XP, and in Windows 2000 Server client side: July 8, 2008 INTRODUCTION Microsoft has released security bulletin MS08-037. To view the complete security bulletin, visit one of the following Microsoft Web sites:...
Ipswitch WS_FTP Server 3.4/4.0 FTP Command Buffer Overrun Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/8542/info Ipswitch WSFTP Server is reported to be prone to buffer overruns when handling data supplied to the APPE and STAT FTP commands. An FTP user who supplies excessive input to these commands could potentially execut...
MS IIS 3.0/4.0/5.0 PWS Escaped Characters Decoding Command Execution (1)
No description provided by source. source: http://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before...
Oracle Database 10.1 MDSYS.MD2.SDO_CODE_SIZE Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13145/info Oracle Database is reported prone to a buffer overflow vulnerability. Reportedly this issue affects the 'MDSYS.MD2.SDOCODESIZE' procedure. An attacker can supply excessive data to an affected routine resulting ...
Oracle Database Server <= 10.1.0.2 - Buffer Overflow Exploit
No description provided by source. / Advanced SQL Injection in Oracle databases Exploit for the buffer overflow vulnerability in procedure MDSYS.MD2.SDOCODESIZE of Oracle Database Server version 10.1.0.2 under Windows 2000 Server SP4. Fixes available at http://metalink.oracle.com. The exploit...
Microsoft IIS ASP - Stack Overflow Exploit (MS06-034)
No description provided by source. include stdio.h include windows.h / Microsoft IIS ASP Stack Overflow ExploitMS06-034 by cocoruderfrankruderathotmail.com,2006/7/13 page:http://ruder.cdut.net/default.asp successfully test on Windows 2000 Server SP4+IIS5.0, On Windows 2003 Server+IIS6.0,because t...
Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/4485/info A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS Internet Information Services. This condition affects IIS 4.0 and IIS 5.0...
Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow
No description provided by source. $Id: mercurimapselectoverflow.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Helix Server 11.0.1 - Remote Heap Overflow Exploit (win2k SP4)
No description provided by source. /usr/bin/python Remote exploit for the vulnerability in Helix server v11.0.1 as described at http://gleg.net/helix.txt The exploit spawns a shell on TCP port 4444 and connects to it. At the time of overflow we control EAX which is used in a call as follows...
Microsoft Message Queueing Service DNS Name Path Overflow
No description provided by source. $Id: ms07065msmq.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
$Id: mercurimapselectoverflow.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
MS Updates Windows Server Patch It Pulled
Microsoft has re-released a security update targeting a vulnerability on Windows 2000 Server.The company pulled support for MS10-025 last week. Read the full article. eWEEK...
Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (MS10-025) (Metasploit)
$Id: ms10025wmssconnectfunnel.rb 9166 2010-04-28 00:48:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft Re-Releases Security Update for MS10-025
Microsoft has re-released the security update related to Microsoft security bulletin MS10-025. This vulnerability affects Windows Media Services running on Windows 2000 Server. The original release of this update had been revoked last week because it did not effectively correct the underlying...
Windows NT NNTP Component Buffer Overflow
The Network News Transfer Protocol NNTP component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an...
Windows NT NNTP Component Buffer Overflow
The Network News Transfer Protocol NNTP component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an...
Microsoft Revokes Security Update
The Microsoft Security Response Center has posted a blog entry indicating that it has revoked the update related to Microsoft security bulletin MS10-025 because it does not effectively correct the underlying vulnerability. This vulnerability affects Windows Media Services running on Windows 2000...
Windows Media Services ConnectFunnel Stack Buffer Overflow
This module exploits a stack buffer overflow in the Windows Media Unicast Service version 4.1.0.3930 NUMS.exe. By sending a specially crafted FunnelConnect request, an attacker can execute arbitrary code under the "NetShowServices" user account. Windows Media Services 4.1 ships with Windows 2000...
Microsoft Security Bulletin MS10-025 - Critical Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution (980858)
Microsoft Security Bulletin MS10-025 - Critical Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution 980858 Published: April 13, 2010 | Updated: April 14, 2010 Version: 1.1 General Information Executive Summary This security update resolves a privately reported...