43 matches found
Microsoft Windows Message Queuing Service Privilege Escalation Vulnerability (2993254)
This host is missing an important security update according to Microsoft Bulletin MS14-062. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows XP/2000/2003 Message Queuing Service Heap Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8783/info It has been reported that the Microsoft Message Queuing service is prone to a heap overflow. The Symantec DeepSight analyst team is currently analyzing proof-of-concept exploit code for this issue. This record...
Microsoft Windows消息队列服务本地权限提升漏洞(MS09-040)
BUGTRAQ ID: 35969 CVECAN ID: CVE-2009-1922 Microsoft Windows是微软发布的非常流行的操作系统。 由于对消息队列服务所发布的IOCTL请求解析中存在缺陷,导致Windows消息队列服务(MSMQ)中存在一个权限提升漏洞。MSMQ服务在将输入数据传递到缓冲区之前没有正确地检查这些字符串。成功利用此漏洞的攻击者可执行任意代码,并可完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 Microsoft Windows XP SP2 Microsoft Windows Vista...
Microsoft Message Queuing Service NULL Pointer Dereference Local Privilege Escalation Vulnerability
Description The Microsoft Message Queuing service is prone to a local privilege-escalation vulnerability because it fails to adequately handle user-supplied input. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will...
Microsoft Security Bulletin MS09-040 - Important Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032)
Microsoft Security Bulletin MS09-040 - Important Vulnerability in Message Queuing Could Allow Elevation of Privilege 971032 Published: August 11, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in the Windows Message Queuing...
Heap overflow
Heap-based buffer overflow in the Microsoft Message Queuing MSMQ service mqsvc.exe in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing...
MS08-065: Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Execution (951071)
The remote version of Windows is affected by a vulnerability in Microsoft Message Queuing Service MSMQ. An attacker may exploit this flaw to execute arbitrary code on the remote host with the SYSTEM privileges. Tenable Network Security, Inc. include"compat.inc"; if description scriptid34410;...
MS08-065: Microsoft Windows Message Queuing Service RPC Request Handling Remote Code Execution (951071) (uncredentialed check)
The remote version of Windows is affected by a vulnerability in its Microsoft Message Queuing Service MSMQ. An attacker may exploit this flaw to execute arbitrary code on the remote host with SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid34413;...
Microsoft Windows Message Queuing Service Queue Name Handling (MS08-065) - ver 2 (CVE-2008-3479)
Microsoft Message Queuing MSMQ is a component of Microsoft Windows designed to act as a message portal between a set of applications requiring message exchange functionality. MSMQ enables applications that are running at different times to communicate across heterogeneous networks and across...
MS Windows Message Queuing Service RPC BOF Exploit (dnsname)
No description provided by source. / Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 Mod of axis's code. CHANGELOG - added dnsname as a parameter, before it was hardcoded in the request data. Marcin Kozlowski Provided for legal security research and testing purposes ONLY Go throug...
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (2)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow MS07-065 2 / Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 Mod of axis's code. CHANGELOG - added dnsname as a parameter, before it was hardcoded in the request data. Marcin Kozlowski Provided for legal security...
[EXPL] Microsoft Windows Message Queuing Service Stack Overflow Vulnerability (MS07-065, Exploit)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
MS Windows Message Queuing Service RPC BOF Exploit (MS07-065)
Exploit for unknown platform in category remote exploits ============================================================= MS Windows Message Queuing Service RPC BOF Exploit MS07-065 ============================================================= / Windows Message Queuing Service Remote RPC BOF Exploit...
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
/ Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 by axis http://www.ph4nt0m.org you should know the dnsname of target to trigger this vuln the service runs on port 2103/2105/2107 D:\soft\develop\MyProjects\temp\Debugtemp.exe -h 192.168.152.100 -p 2103...
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow MS07-065 1 / Windows Message Queuing Service Remote RPC BOF Exploit MS07-065 by axis http://www.ph4nt0m.org you should know the dnsname of target to trigger this vuln the service runs on port 2103/2105/2107...
MS07-065 Microsoft Message Queueing Service DNS Name Path Overflow
This module exploits a stack buffer overflow in the RPC interface to the Microsoft Message Queueing service. This exploit requires the target system to have been configured with a DNS name and for that name to be supplied in the 'DNAME' option. This name does not need to be served by a valid DNS...
CVE-2007-3039
Stack-based buffer overflow in the Microsoft Message Queuing MSMQ service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable...
Immunity Canvas: MS07_065
Name| ms07065 ---|--- CVE| CVE-2007-3039 Exploit Pack| CANVAS Description| Microsoft Message Queuing Service Overflow Notes| CVE Name: CVE-2007-3039 VENDOR: Microsoft MSADV: MS07-065 Repeatability: One shot Note: Windows XP needs a valid Username and Password. According to the SWI Weblog: " There...
Microsoft Windows Message Queuing Service Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows with the Message Queuing Service enabled. Authentication is not required to exploit this vulnerability. The specific flaw exists in the RPC interface defined on port 2103 with UUI...
CVE-2007-5331
Queue.dll for the message queuing service LQserver.exe in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference...