Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9390/info It has been reported that FreeWeb server of FreeProxy may be prone to a denial of service vulnerability that may allow an attacker to crash the server process by supplying a malformed HTTP request. The issue...

Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit

No description provided by source. Micropoint Proactive Denfense Mp110013.sys = 1.3.10123.0 Local Privilege Escalation Exploit VULNERABLE PRODUCTS Micropoint Proactive Denfense = 100323.1.2.10581.0285.r1 mp110013.sys = 1.3.10123.0 DETAILS: mp110013.sys handles DeviceIoControl request which tells...

Micropoint Proactive Denfense Mp110013 <= 1.3.10123.0 Local Privilege

Exploit for windows platform in category local exploits ============================================================================================ Micropoint Proactive Denfense Mp110013.sys = 1.3.10123.0 Local Privilege Escalation Exploit...

CVE-2007-3493

A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio NCTAudioStudio2 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product...

CVE-2007-3493

A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio NCTAudioStudio2 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product...

NCTAudioStudio2 ActiveX DLL 2.6.1.148 CreateFile() Insecure Method

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"-------------------------------------------------------------------------------------------------- bNCTAudioStudio2 ActiveX DLL NCTWavChunksEditor2.dll v. 2.6.1.148 "CreateFile"Insecure...

Design/Logic Flaw

The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method...

CVE-2007-3400

The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method...

NCTAudioStudio2 ActiveX DLL 2.6.1.148 CreateFile() Insecure Method

Exploit for unknown platform in category remote exploits ================================================================== NCTAudioStudio2 ActiveX DLL 2.6.1.148 CreateFile Insecure Method ==================================================================...

NCTAudioEditor2.txt

------------------------------------------------------------------------------------------ NCTAudioEditor2 ActiveX DLL NCTWMAFile2.dll v. 2.6.2.157 "CreateFile"Insecure Method url: http://www.nctsoft.com/products/NCTAudioEditor2/ author: shinnai mail: shinnaiatautisticidotorg site:...

NCTAudioStudio2 - ActiveX DLL 2.6.1.148 &#039;CreateFile()&#039;/ Insecure Method

-------------------------------------------------------------------------------------------------- NCTAudioStudio2 ActiveX DLL NCTWavChunksEditor2.dll v. 2.6.1.148 "CreateFile"Insecure Method url: http://www.nctsoft.com/products/NCTAudioEditor2/ author: shinnai mail: shinnaiatautisticidotorg site...

NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll v. 2.6.2.157) Exploit

No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"------------------------------------------------------------------------------------------ bNCTAudioEditor2 ActiveX DLL NCTWMAFile2.dll v. 2.6.2.157 "CreateFile"Insecure Method/b url:...

NCTAudioStudio2.txt

-------------------------------------------------------------------------------------------------- NCTAudioStudio2 ActiveX DLL NCTWavChunksEditor2.dll v. 2.6.1.148 "CreateFile"Insecure Method url: http://www.nctsoft.com/products/NCTAudioEditor2/ author: shinnai mail: shinnaiatautisticidotorg site...

using named pipes for local privilege escalation

Digital Scream August, 2003 Using named pipes for local privilege escalation For Phrack magazine 61 Operating systems created by Microsoft in recent years several years old, based on the Windows NT kernel. This decision is positive affected the security of released operating systems, relatively...

The current most popular several bundle techniques-vulnerability warning-the black bar safety net

A traditional bundle This principle is very simple, is currently the most used one. Is the B. exe attached to A. exe at the end. So when A. exe to be executed when the B. exe also follow the implementation. This bundle of code over the network. My earliest is from jingtao's an article about the...

SQL Injection: miniBB 2.0 RC6b

SQL Injection GET Не фильтруется параметр confirmCode. /index.php?action=confirmpasswd&confirmCode=f' union select '? passthru$GETcmd ?' from mysql.user INTO OUTFILE '/var/www/html/shell.php'/ Не фильтруется параметр post. /index.php?action=delmsg&post=1' union select 1,1 from mysql.user INTO...

Hand-Crafted Software FreeProxy 3.5/3.6 - FreeWeb CreateFile Function Denial of Service

source: https://www.securityfocus.com/bid/9390/info It has been reported that FreeWeb server of FreeProxy may be prone to a denial of service vulnerability that may allow an attacker to crash the server process by supplying a malformed HTTP request. The issue exists in the 'CreateFile' function o...

Hand-Crafted Software FreeProxy 3.53.6 - FreeWeb CreateFile Function Denial of Service

Hand-Crafted Software FreeProxy 3.53.6 - FreeWeb CreateFile Function Denial of Service source: https://www.securityfocus.com/bid/9390/info It has been reported that FreeWeb server of FreeProxy may be prone to a denial of service vulnerability that may allow an attacker to crash the server process...

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)

// source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no attention to the name, long...

Microsoft Windows CreateFile API Named Pipe Privilege Escalation Vulnerability

Description It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. Technologies Affected Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Advanced Serv...