using named pipes for local privilege escalation

Digital Scream August, 2003 Using named pipes for local privilege escalation For Phrack magazine 61 Operating systems created by Microsoft in recent years several years old, based on the Windows NT kernel. This decision is positive affected the security of released operating systems, relatively...

The current most popular several bundle techniques-vulnerability warning-the black bar safety net

A traditional bundle This principle is very simple, is currently the most used one. Is the B. exe attached to A. exe at the end. So when A. exe to be executed when the B. exe also follow the implementation. This bundle of code over the network. My earliest is from jingtao's an article about the...

Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service

source: https://www.securityfocus.com/bid/9390/info It has been reported that FreeWeb server of FreeProxy may be prone to a denial of service vulnerability that may allow an attacker to crash the server process by supplying a malformed HTTP request. The issue exists in the 'CreateFile' function o...

Hand-Crafted Software FreeProxy 3.53.6 - FreeWeb CreateFile Function Denial of Service

Hand-Crafted Software FreeProxy 3.53.6 - FreeWeb CreateFile Function Denial of Service source: https://www.securityfocus.com/bid/9390/info It has been reported that FreeWeb server of FreeProxy may be prone to a denial of service vulnerability that may allow an attacker to crash the server process...

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

Overview A vulnerability exists in Microsoft Internet Information Server IIS which could disclose sensitive information contained in CGI-type files. Typically a CGI/script file on a web server should only be executable and not readable by remote users. Sensitive information contained in such a fi...