Microsoft FrontPage Extensions - Information Disclosure

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...

EUVD-2000-0113

Malware in sbrugna...

Exploit for CVE-2000-0114

This is a collection of vulnerability templates for the Nuclei vulnerability scanner. The templates are organized by CVE ID and include information such as the vulnerability name, description, severity, and remediation steps. The templates also include HTTP requests and matchers to identify the...

PT-2024-22495

Name of the Vulnerable Software and Affected Versions LG LED Assistant affected versions not specified Description This issue allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant. Recommendations At the moment, there is no...

OpenID Connect Anonymous Account

OpenID Connect is an identity layer on top of the OAuth 2.0 protocol which aims to determine the provider URL for an end user. By leveraging the /.well-known/webfinger endpoint, it is sometimes possible to determine if an anonymous account exists on the target server. By leveraging this...

After enabling MFA and FAS users may be unable to sign to Storefront published app with Anonymous account in other domain

After enabling MFA and FAS users may be unable to sign to Storefront published app with Anonymous account in other domain, with error "Incorrect Pin" Scenario: You may have Storefront, FAS Federated Authentication Service and VDAs in Domain A and there is another Domain Bhaving StoreFront and its...

Plesk/myLittleAdmin - ViewState .NET Deserialization Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...

AIX 5.3 TL 10 : bos.net.tcp.client (U838225)

The remote host is missing AIX PTF U838225, which is related to the security of the package bos.net.tcp.client. There is a buffer overflow vulnerability in the ftp server. By issuing an overly long NLST command, an attacker may cause a buffer overflow. The successful exploitation of this...

Windows2000 under the administrator account really insecure-vulnerability warning-the black bar safety net

If you have an ordinary user account,there is a very simple method to get the NT Administrator account: One of: first c:\winnt\system32 under logon. the scr was renamed as logon. old backup Then put the usrmgr. exe renamed to logon. scr Then restart the logon. the scr is loaded at startup of the...

After testing,it seems the Administrastor account is really insecure-vulnerability warning-the black bar safety net

If you have an ordinary user account,there is a very simple method to get the NT Administrator account: First put c:\winnt\system32 under logon. the scr was renamed as logon. old backup Then put the usrmgr. exe renamed to logon. scr Then restart the logon. the scr is loaded at startup of the...

WebGUI < 6.8.6 'Anonymous' Account Creation

Binary data 3427.prm...

Sambar Default Anonymous Account

Binary data 1577.prm...

Vulnerabilities In Pablo Software Solutions FTP Service 1.2

Plaintext Password Vulnerability ------------------------------------ User info is stored in users.dat in plaintext. If the anonymous account is present it is by default the entire FTP server can be compromised ftp://somewhere/program files/pablo's ftp service/users.dat Default Anonymous Account...

CVE-2000-0114

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory...

CVE-2000-0114

CVE-2000-0114 affects FrontPage Server Extensions. It enables unauthenticated remote disclosure of the anonymous account name via an RPC POST to shtml.dll in the /_vti_bin/ virtual directory. The issue stems from information disclosure in FrontPage Server Extensions; no exploitation details are p...

CVE-2000-0114

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory...

PT-2000-1102 · Microsoft · Shtml.Dll +1

Name of the Vulnerable Software and Affected Versions: Frontpage Server Extensions affected versions not specified Description: The issue allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the / vti bin/ virtual directory. Recommendation...

Microsoft Site Server 2.0 with IIS 4.0 - Arbitrary File Upload

source: https://www.securityfocus.com/bid/1811/info Microsoft Site Server is an intranet server designed for an NT Server with IIS. Site Server enables users to locate and view information stored in various locations through personalized web pages and emails. The 'Users' directory, if not already...