Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation 2 // source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain...

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)

// source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no attention to the name, long...

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)

Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation 1 // source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain...

Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

Overview A vulnerability exists in Microsoft Internet Information Server IIS which could disclose sensitive information contained in CGI-type files. Typically a CGI/script file on a web server should only be executable and not readable by remote users. Sensitive information contained in such a fi...