22 matches found
EUVD-2002-1164
Malware in sbrugna...
Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (3)
/ source: https://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes in the 'Host:' field will allow...
Immunity Canvas: MS03_022
Name| ms03022 ---|--- CVE| CVE-2003-0349 Exploit Pack| CANVAS Description| IIS 5.0 Windows Media Services ISAPI nsisslog.dll Overflow Notes| CVE Name: CVE-2003-0349 VENDOR: Microsoft MSADV: MS03-022 VersionsAffected: Repeatability: Repeatable References:...
Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)
Microsoft IIS 5.0 - WebDAV Remote Code Execution 3 xwdav / IIS 5.0 WebDAV Exploit Xnuxer Lab By Schizoprenic, Copyright c 2003 WebDAV exploit without netcat or telnet and with pretty magic number as RET / include include include include include include include include include define RET 0xc9c9...
Microsoft IIS 5.0 - WebDAV Remote
// / IIS 5.0 WebDAV -Proof of concept- / / Bug: CAN-2003-0109 / / By Roman Medina-Heigl Hernandez / / aka RoMaNSoFt / / Madrid, 23.Mar.2003 / / ================================= / / Public release. Version 1. / / --------------------------------- / // /...
IIS 5.0 Cross Site Scripting vulnerability
SYSTEMS AFFECTED ======== IIS 5.0 / Windows 2000 SP2 - SRP1 exploited with a browser CONTENTS ========= Subject: IIS 5.0 Cross Site Scripting Vulnerability Date: 27 September 2002 Risk: Medium DESCRIPTION ========= IIS 5.0 can be forced to return malicious content in user's browser. By using a...
Microsoft Internet Explorer 56 Konqueror 2.2.23.0 Weblogic Server 567 - Invalid X.509 Certificate Chain
Microsoft Internet Explorer 56 Konqueror 2.2.23.0 Weblogic Server 567 - Invalid X.509 Certificate Chain source: https://www.securityfocus.com/bid/5410/info A flaw has been reported in the handling of X.509 certificates by a number of products, including several web browsers. It may be possible fo...
Microsoft IIS 5.0 ServerVariables_Jscript.asp Path Disclosure
A sample application shipped with IIS 5.0 discloses the physical path of the web root. An attacker can use this information to make more focused attacks. %NASLMINLEVEL 70300 This script was written by Matt Moore See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title...
Microsoft IIS 5.0 - False Content-Length Field Denial of Service
Microsoft IIS 5.0 - False Content-Length Field Denial of Service source: https://www.securityfocus.com/bid/3667/info Microsoft IIS 5.0 may be prone to a denial of service condition when sent a specially crafted malformed HTTP GET header. If an IIS 5.0 web server is sent a crafted HTTP GET request...
CVE-2001-0508
Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service restart via a long, invalid WebDAV request...
Microsoft IIS vulnerable to DoS via invalid request for very long WebDAV requests
Overview Intruders can disrupt the normal operation of an IIS 5.0 server using a malicious Web Distributed Authoring and Versioning WebDAV request. Description WebDAV is an extension to HTTP used to manage content on web servers. Quoting from RFC 2518: WebDAV is an extension to the HTTP/1.1...
Immunity Canvas: MS01_033
Name| ms01033 ---|--- CVE| CVE-2001-0500 Exploit Pack| CANVAS Description| IIS 5.0 Index Server ISAPI .ida Overflow Notes| CVE Name: CVE-2001-0500 VENDOR: Microsoft MSADV: MS01-033 VersionsAffected: Repeatability: References: http://www.microsoft.com/technet/security/bulletin/MS01-033.mspx CVE Ur...
IIS 5.0 PROPFIND DOS #2
Georgi Guninski security advisory 44, 2001 IIS 5.0 PROPFIND DOS 2 Systems affected: IIS 5.0 Risk: Medium Date: 6 May 2001 Legal Notice: This Advisory is Copyright c 2001 Georgi Guninski. You may distribute it unmodified. You may not modify it and distribute it or distribute parts of it without th...
Microsoft Windows 2000/Internet Information Server (IIS) 5.0 Internet Printing Protocol (IPP) ISAPI contains buffer overflow (MS01-023)
Overview A vulnerability exists in Microsoft IIS 5.0 running on Windows 2000 that allows a remote intruder to run arbitrary code on the victim machine. Description Windows 2000 includes support for the Internet Printing Protocol IPP via an ISAPI extension. According to Microsoft, this extension i...
Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow (1)
Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow 1 source: https://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer reques...
guninski26.txt
Georgi Guninski security advisory 26, 2000 IIS 5.0 cross site scripting vulnerability - using .htw Systems affected: IIS 5.0/Windows 2000. Exploited with browser IE,NC but the problem is in the web server. Risk: Medium Date: 28 October 2000 Legal Notice: This Advisory is Copyright c 2000 Georgi...
IIS 5.0 cross site scripting vulnerability - using .htw
Georgi Guninski security advisory 26, 2000 IIS 5.0 cross site scripting vulnerability - using .htw Systems affected: IIS 5.0/Windows 2000. Exploited with browser IE,NC but the problem is in the web server. Risk: Medium Date: 28 October 2000 Legal Notice: This Advisory is Copyright c 2000 Georgi...
CVE-2000-0778
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability...
CVE-2000-0778
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability...
Дырка в IIS 5.0
Некорректная реализация WebDAV позволяет получить список директории...