40 matches found
EUVD-2000-0113
Malware in sbrugna...
MS Visual Studio RAD Support Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2906/info Due to an unchecked buffer in a subcomponent of FrontPage Server Extensions Visual InterDev RAD Remote Deployment Support, a specially crafted request via 'fp30reg.dll' could allow a user to execute arbitrary...
MS Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit)
No description provided by source. source: http://www.securityfocus.com/bid/2906/info Due to an unchecked buffer in a subcomponent of FrontPage Server Extensions Visual InterDev RAD Remote Deployment Support, a specially crafted request via 'fp30reg.dll' could allow a user to execute arbitrary...
Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability
... FrontPage Server Extensions为FrontPage服务扩展,与IIS一起使用可以方便的支持管理、创建以及浏览FrontPage扩展的网站。 ... FrontPage Server Extensions对HTML页面的处理存在输入验证漏洞,远程攻击者可能在客户机器上执行任意脚本代码。 ... FrontPage Server Extensions的fpadmdll.dll中的一些参数没有正确的过滤返回给用户的特定输入,导致跨站脚本问题,可能允许攻击者以当前会话权限以客户机的浏览器中执行恶意脚本代码,利用这个漏洞必须用户交互。...
FrontPage 2000,IIS 4.0/5.0 Server Extensions Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1174/info The local path of a HTML, HTM, ASP, or SHTML file can be disclosed in Microsoft IIS 4.0/5.0 / Frontpage Server Extensions 1.1 and prior. Passing a path to a non-existent file to the shtml.exe or shtml.dll...
FrontPage Server Extensions Anonymous Login Scanner
This module queries the FrontPage Server Extensions and determines whether anonymous access is allowed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FrontPage Server Extensions Anonymous Log...
Microsoft FrontPage Server Extensions跨站脚本漏洞(MS06-017)
FrontPage Server Extensions为FrontPage服务扩展,与IIS一起使用可以方便的支持管理、创建以及浏览FrontPage扩展的网站。 FrontPage Server Extensions对HTML页面的处理存在输入验证漏洞,远程攻击者可能在客户机器上执行任意脚本代码。 FrontPage Server Extensions的fpadmdll.dll中的一些参数没有正确的过滤返回给用户的特定输入,导致跨站脚本问题,可能允许攻击者以当前会话权限以客户机的浏览器中执行恶意脚本代码,利用这个漏洞必须用户交互。...
FreeBSD : frontpage -- XSS vulnerability (c0171f59-ea8a-11da-be02-000c6ec775d9)
Esteban Martinez Fayo reports : The FrontPage Server Extensions 2002 included in Windows Server 2003 IIS 6.0 and available as a separate download for Windows 2000 and XP has a web page /vtibin/vtiadm/fpadmdll.dll that is used for administrative purposes. This web page is vulnerable to cross site...
frontpage -- cross site scripting vulnerability
Esteban Martinez Fayo reports: The FrontPage Server Extensions 2002 included in Windows Sever 2003 IIS 6.0 and available as a separate download for Windows 2000 and XP has a web page /vtibin/vtiadm/fpadmdll.dll that is used for administrative purposes. This web page is vulnerable to cross site...
CVE-2006-0015
Cross-site scripting XSS vulnerability in vtibin/vtiadm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the 1...
Microsoft Security Bulletin MS06-017 Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627)
Microsoft Security Bulletin MS06-017 Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting 917627 Published: April 11, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft FrontPage Server Extensions 2002 or Microsoft SharePoint Te...
Microsoft FrontPage Server Extensions - fp30reg.dll (MS03-051)
Microsoft FrontPage Server Extensions - fp30reg.dll MS03-051 / Frontpage fp30reg.dll Overflow MS03-051 discovered by Brett Moore Exploit by Adik netmaniac hotmail kg Binds persistent command shell on port 9999 Tested on Windows 2000 Professional SP3 English version fp30reg.dll ver 4.0.2.5526 -...
Microsoft FrontPage Server Extensions - 'fp30reg.dll' (MS03-051)
/ Frontpage fp30reg.dll Overflow MS03-051 discovered by Brett Moore Exploit by Adik netmaniac hotmail kg Binds persistent command shell on port 9999 Tested on Windows 2000 Professional SP3 English version fp30reg.dll ver 4.0.2.5526 - 13/Nov/2003 - / include include include pragma commentlib,"ws23...
MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
漏洞描述:Microsoft FrontPage服务器扩展是Microsoft公司开发的用于加强IIS Web服务器的功能的软件包。Microsoft FrontPage Server Extensions存在两个新的安全漏洞,可导致远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以FrontPage进程权限在系统上执行任意指令。 第一个漏洞是由于FrontPage服务扩展的远程调试功能上存在缓冲区溢出,这个功能用于用户远程连接FrontPage服务扩展的服务器和远程调试内容使用,如Visual...
Microsoft SmartHTML interpreter (shtml.dll) contains vulnerability
Overview Microsoft's SmartHTML interpreter shtml.dll contains a remotely exploitable vulnerability. Description shtml.dll is a component of FrontPage Server Extensions. FrontPage Server Extensions allow web developers to add or change content and to manage the web server.Quoting from MS02-053, "T...
Microsoft Security Bulletin MS02-053: Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)
---------------------------------------------------------------------- Title: Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution Q324096 Released: 25 September 2002 Software: FrontPage Server Extensions 2000 and 2002 Impact: Denial of service or privilege elevation Max Risk:...
CVE-1999-1376
CVE-1999-1376 targets IIS 4.0 with FrontPage Server Extensions, via the fpcount.exe CGI. The vulnerability is a remote buffer overflow in the fpcount.exe CGI that could allow a remote attacker to execute arbitrary commands on the server, potentially crashing it or taking control. Incident details...
CVE-1999-1376
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands...
CVE-2001-0341
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request URL to fp30reg.dll...
Переполнение буфера в FrontPage Server Extensions (RAD buffer overflow)
Переполнение буфера в компоненте Visual Studio RAD...