Microsoft Windows CE畸形RNDIS报文远程拒绝服务漏洞

Microsoft Windows CE是为各种嵌入式系统和产品设计的一种压缩的、高效的、可升级的操作系统OS）。 Microsoft Windows CE不正确处理畸形RNDIS报文，远程攻击者可以利用漏洞对系统进行拒绝服务攻击。 如果Windows CE上的应用程序使用RNDIS设备驱动，在处理畸形的RNDIS报文和文件数据，可导致应用程序崩溃。 Microsoft Windows CE 5.0 可采用如下升级补丁： Microsoft Windows CE 5.0 Microsoft Windows CE 5.0 Platform Builder Monthly Update...

Windows CE < 5.1 Detection

Binary data 4080.prm...

CVE-2007-3095

The vulnerability CVE-2007-3095 affects Symantec Reporting Server versions prior to 1.0.224.0 (including 1.0.197.0) as used with Symantec Client Security 3.1+ and SAV CE 10.1+. The issue is an authentication bypass that allows an attacker to disable authentication and access restricted functional...

Symantec Reporting Server Password Disclosure

SUMMARY The administrator password for Symantec Reporting Server could be disclosed after a failed login attempt. Risk Impact Medium Remote Access | Yes ---|--- Local Access | Yes Authentication Required | Yes Exploit publicly available | No AFFECTED PRODUCTS Affected Products Product | Affected...

CVE-2007-2322

NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows remote attackers to cause a denial of service NULL dereference and application crash via a crafted packet that contains two CRLF sequences. NOTE: the provenance of this information is unknown; the details are obtained solely from...

Ce-Admin news publishing system vulnerability analysis-vulnerability warning-the black bar safety net

The news publishing system is currently mainly used for a picture news release, due to the generated html, the browsing speed is very fast, resulting in a more modified version, currently found in at least 4 modified version, the user group of the majority, although modified, but still there are...

CVE-2006-6908

Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windo...

CVE-2006-6908

CVE-2006-6908 describes a buffer overflow in the Widcomm Bluetooth Stack COM Server. Affected components include Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth impleme...

Linksys WIP 330 VoIP wireless phone crash from Nmap scan

Vulnerability Description ================== The Linksys WIP 330 VoIP wireless phone will crash when a full port-range Nmap scan is run against its IP address. Linksys WIP 330 Firmware Version ========================== 1.00.06A Nmap scan command ================ nmap -P0 WIP 330 ip address -p...

Windows CE MMS多媒体短信编辑器远程溢出漏洞

Windows CE是微软开发维护的运行于嵌入式设备的操作系统。 Windows CE自带的MMS多媒体短信编辑器程序实现上存在多个缓冲区溢出漏洞，远程攻击者可能利用此漏洞在用户设备上执行任意指令。 MMS多媒体短信编辑器在处理短信中TransactionID、Subject、ContentLocation等多个头部字段时存在溢出问题，攻击者可能通过向受害者发送畸形MMS消息导致在用户机器上执行任意指令。 Microsoft MMS Composer 2.0.0.13 Microsoft MMS Composer 1.5.5.6...

[NT] PicoWebServer Unicode Stack Overflow

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

PicoWebServer Remote Unicode Stack Overflow

Title: PicoWebServer Remote Unicode Stack Overflow Release Date: 28. May 2005 Author: Dennis Elser dennis backtrace de Vendor: Newmad Technologies http://www.newmad.se Vendor Status: Contacted Product: PicoWebServer Affected Version: 1.0 Platform: Microsoft Windows CE / PocketPC Processor Type: A...

CVE-2005-1395

Buffer overflow in Ce/Ceterm aka ARPUS/Ce 2.5.4 and earlier may allow local users to gain privileges via a long 1 XAPPLRESLANGPATH or 2 XAPPLRESDIR environment variable, or 3 command line argument...

CVE-2005-1396

Race condition in Ce/Ceterm aka ARPUS/Ce 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ceeditlog temporary file...

DMA[2005-0501a] - &#39;ARPUS/Ce setuid buffer overflow and file overwrite&#39;

DMA2005-0501a - 'ARPUS/Ce setuid buffer overflow and file overwrite' Author: Kevin Finisterre Vendor: http://www.swlink.net/styma/ce.shtml, http://168.158.26.15/ce/ce/ce.html Product: 'Ce/Ceterm' References: http://www.digitalmunition.com/DMA2005-0501a.txt Description: Ce/Ceterm aka. ARPUS/Ce is ...

CVE-2005-1395

Buffer overflow in Ce/Ceterm aka ARPUS/Ce 2.5.4 and earlier may allow local users to gain privileges via a long 1 XAPPLRESLANGPATH or 2 XAPPLRESDIR environment variable, or 3 command line argument...

CVE-2005-1396

The CVE-2005-1396 entry describes a race condition in Ce/Ceterm (aka ARPUS/Ce) versions 2.5.4 and earlier. The underlying issue allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file. Affected component: Ce/Ceterm, vulnerable file handling during log...

CVE-2005-1395

CVE-2005-1395 affects Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier. The vulnerability is a buffer overflow that can allow local users to gain privileges when a long environment variable (XAPPLRESLANGPATH or XAPPLRESDIR) is set or via a long command line argument. The Red Hat and NVD entries confirm...

CVE-2005-1396

Race condition in Ce/Ceterm aka ARPUS/Ce 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ceeditlog temporary file...

ARPUS/Ce Local File Overwrite Exploit (setuid)

No description provided by source. / Copyright Kevin Finisterre - ripped from my perlex.c DISCLAIMER I am in no way responsible for your stupidity. DISCLAIMER I am in no way liable for any damages caused by compilation and or execution of this code. WARNING DO NOT RUN THIS UNLESS YOU KNOW WHAT YO...