1077 matches found
Agnitum Outpost privilege escalation
It's possible to obtain local system privileges with help or adding new filter...
Microsoft FrontPage Server Extensions contains buffer overflow in remote debugging functionality
Overview Microsoft FrontPage Server Extensions contains a vulnerability that allows remote attackers to execute arbitrary code with local system privileges. Description Microsoft FrontPage Server Extensions FPSE is an optional set of tools that adds functionality to a web site. This functionality...
NIPrint multiple bugs
Remote buffer overflow, help access with local system...
NSFOCUS SA2003-06 : Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2003-06 Topic: Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability Release Date: 2003-09-11 CVE CAN ID: CAN-2003-0528 http://www.nsfocus.com/english/homepage/research/0306.htm Affected system: ==================...
Microsoft Internet Explorer 56 - Object Type Validation
Microsoft Internet Explorer 56 - Object Type Validation source: https://www.securityfocus.com/bid/8456/info The problem occurs when Internet Explorer receives a response from the server when a web page containing an object tag is parsed. Successful exploitation of this vulnerability could allow a...
Microsoft Internet Explorer 5/6 - Object Type Validation
source: https://www.securityfocus.com/bid/8456/info The problem occurs when Internet Explorer receives a response from the server when a web page containing an object tag is parsed. Successful exploitation of this vulnerability could allow a malicious object to be trusted and as such be executed ...
DameWare Mini Remote Control Server - System
DameWare Mini Remote Control Server - System / DameWare Mini Remote Control Server Local SYSTEM Exploit Vulnerable Versions Prior to 3.71.0.0 by [email protected] This code is based on shards.cpp by xenophile / define WIN32LEANANDMEAN include include pragma warningdisable: 4305 pragma...
DameWare Mini Remote Control Server - System
/ DameWare Mini Remote Control Server Local SYSTEM Exploit Vulnerable Versions Prior to 3.71.0.0 by [email protected] This code is based on shards.cpp by xenophile / define WIN32LEANANDMEAN include include pragma warningdisable: 4305 pragma warningdisable: 4309 void MakeShellCode char buffer...
Microsoft Windows - DCOM RPC Interface Buffer Overrun
Microsoft Windows - DCOM RPC Interface Buffer Overrun source: https://www.securityfocus.com/bid/8205/info A buffer overrun vulnerability has been reported in Microsoft Windows that can be exploited remotely via a DCOM RPC interface that listens on TCP/UDP port 135. The issue is due to insufficien...
Microsoft Windows - DCOM RPC Interface Buffer Overrun
source: https://www.securityfocus.com/bid/8205/info A buffer overrun vulnerability has been reported in Microsoft Windows that can be exploited remotely via a DCOM RPC interface that listens on TCP/UDP port 135. The issue is due to insufficient bounds checking of client DCOM object activation...
[Full-Disclosure] [sec-labs] Zone Alarm Device Driver vulnerability
sec-labs team proudly presents: Local ZoneAlarm Firewall probably all versions - tested on v3.1 Device Driver vulnerability. by Lord YuP 04/08/2003 I. BACKGROUND ZoneAlarm is a very powerful and very common nowadays firewall for Windows produced by Zone Labs. http://www.zonelabs.com II. DESCRIPTI...
HP Compaq Insight Management Agent 5.0 - Format String
HP Compaq Insight Management Agent 5.0 - Format String source: https://www.securityfocus.com/bid/8336/info The Compaq Management Agent HTTP server is vulnerable to a format string issue. A remote attacker may be able to exploit this vulnerability in order to execute arbitrary code with Local Syst...
HP Compaq Insight Management Agent 5.0 - Format String
source: https://www.securityfocus.com/bid/8336/info The Compaq Management Agent HTTP server is vulnerable to a format string issue. A remote attacker may be able to exploit this vulnerability in order to execute arbitrary code with Local System privileges. $ printf "GET /?Url=perl -e 'print...
Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability
Description A buffer overrun vulnerability has been reported in Microsoft Windows that can be exploited remotely via a DCOM RPC interface that listens on TCP/UDP port 135. The issue is due to insufficient bounds checking of client DCOM object activation requests. Exploitation of this issue could...
CVE-2002-0700
This CVE concerns Microsoft Content Management Server (MCMS) 2001, where a buffer overflow in the Profile Service (an MDAC-related function used during user authentication) can allow an attacker to execute code in the Local System context by authenticating to a vulnerable web page. The issue is c...
Automatic File Content Type Recognition Tool contains memory allocation problem
Overview A memory allocation problem exists in the "Automatic File Content Type Recognition Tool" versions of the file1 package prior to 3.41. Description According to an OpenPKG advisory, a memory allocation problem exists in the "Automatic File Content Type Recognition Tool" AFCTR tool versions...
benchmark tool for HTTP pages.
ezhttpbench.php eZ httpbench version 1.1http://developer.ez.no - benchmark tool for HTTP pages. A security vulnerability in the product allows remote attackers to download any file on the local system that the eZ httpbench has read access to. Vulnerable systems: eZ httpbench version 1.1 eZ...
DH team: Norton Antivirus Corporate Edition Privilege Escalation
Dear Bugtraq, Product: Norton Antivirus Corporate Edition Final 7.60.962 Vendor: Symantec Type: Local Risk: High system privileges Discovered: ERRor [email protected] of Domain HELL Team Description: Norton Antivirus allows to run winhlp32 in context of local system. Details: Norton Antivirus add...
Norton antivirus privelege escalation
Можно запустить помощь winhlp32.exe в контексте локальной системы...
Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A)
NGSSoftware Insight Security Research Advisory Name: Arbitrary Command Execution on SQL Server 2000 Systems: Microsoft SQL Server 2000 SP 2 Severity: High Risk for Distributor servers Category: Arbitrary Command Execution Vendor URL: http://www.microsoft.com/ Author: David Litchfield...