182 matches found
US-CERT Technical Cyber Security Alert TA09-020A -- Microsoft Windows Does Not Disable AutoRun Properly
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-020A Microsoft Windows Does Not Disable AutoRun Properly Original release date: January 20, 2009 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows Overview Disabling...
PT-2009-2915 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue allows attackers to execute arbitrary code through various means, including inserting CD-ROM or DVD media, connecting a USB or Firewire device, mapping a network drive, ...
Make the server a reboot infinite loop-bug warning-the black bar safety net
The injection loop Source: Chinese hackers Alliance Sometimes, we go through the database backup a batch to the Startup menu, you want the server on the next restart to run our batch processing. But we, Ah, etc., the server is not restarting, what should I do? Allow administrator to help us resta...
Citrix Metaframe Privilege escalation
Autorun item path is not fully specified...
wefi3330-lfi.txt
================================================== INFO ================================================== The wireless client, WeFi v3.3.3.0 is susceptible to a local information disclosure due to irresponsible coding. Earlier versions may also be affected...
Code injection
Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a 1 CD-ROM device or 2 U3-enabled USB device containing a filesystem with an...
CVE-2008-0951
CVE-2008-0951 affects Windows Vista/Server 2008 where NoDriveTypeAutoRun is not properly enforced. The vulnerability allows code execution via (1) CD-ROM AutoRun paths or (2) U3-enabled USB devices containing an Autorun.inf file, with user-assisted remote or physically proximate access. Microsoft...
CVE-2008-0951
Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a 1 CD-ROM device or 2 U3-enabled USB device containing a filesystem with an...
Microsoft Windows fails to properly handle the NoDriveTypeAutoRun registry value
Overview Microsoft Windows fails to properly handle the NoDriveTypeAutoRun registry value, which may prevent Windows from effectively disabling AutoRun and AutoPlay features. Description AutoRun, which was introduced with Windows 95, is a feature that causes Windows to automatically take an actio...
The coolest windows Backdoor-vulnerability warning-the black bar safety net
The back door principle: Go to: small Chapter blog http://blog.csdn.net/scz123/archive/2007/03/14/1528695.aspx In windows 2 0 0 0/xp/vista, press shift key 5 times, you can open the sticky position, 会运行sethc.exe and, in the login interface may also be open. It's reminiscent of a WINDOWS...
SunnComm MediaMax privilege elevation vulnerability
Overview SunnComm MediaMax contains a privilege elevation vulnerability, which may allow a user with limited rights to execute code with elevated privileges. Description SunnComm MediaMax SunnComm MediaMax is copy protection software that is automatically installed by some audio CDs. Sony BMG has...
Analysis from Autorun. inf file of the attack-vulnerability warning-the black bar safety net
Recently the popular online via the AutoRun. inf file so that the each other all the hard drive completely shared, or in the Trojan horse method, since the AutoRun. inf files in hack technology the application is still very rare, the corresponding data is not much, there are a lot of people feel...
CVE-2005-4590
CVE-2005-4590 : Affects Spb Kiosk Engine 1.0.0.1. Local users can bypass restrictions on allowed applications via (1) removable media with an autorun-executing program and (2) applications that invoke other apps, demonstrated by a file: URL for a .exe. Root cause is bypass of application-restrict...
CVE-2002-0915
autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file...
CVE-2002-0915
autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file...
CVE-2002-0915
CVE-2002-0915 affects Xandros-based Linux distributions. A local user can abuse the autorun facility with the -c parameter to cause autorun to print the first line of an arbitrary file. The issue is described as a local-priority information disclosure without remote access. The NVD entry assigns ...
xandros-autorun.txt
There is a new debian based distro called Xandros making its way on to the market.I believe the developers from Corel Linux are on board with Xandros. It has at least one public beta and another on the way and I know of at least one OS that uses it as its backend. I got a chance to play on a coup...
CVE-2000-0155
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive...
CVE-2000-0155
CVE-2000-0155 affects Windows NT Autorun: the system executes the autorun.inf file on non-removable media, allowing a local attacker to specify an alternate program to run when other users access a drive. The provided documents describe the vulnerability in terms of its existence and impact (loca...
CVE-2000-0155
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive...