Microsoft Security Advisory 4025685: Guidance for older platforms (XP / 2003) (EXPLODINGCAN)

The remote Windows host is missing a security update. It is, therefore, affected by one or more of the following vulnerabilities : - A remote code execution vulnerability exists in how the Remote Desktop Protocol RDP handles requests if the RDP server has Smart Card authentication enabled. An...

Microsoft IIS WebDav ScStoragePathFromUrl Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule ' Microsoft IIS WebDav ScStoragePathFromUrl Overflow', 'Description' = %q Buffer overflow in the ScStoragePathFromUrl function in the WebDAV servic...

Nmap NSE 6.01: http-iis-webdav-vuln

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE net: http-iis-webdav-vuln

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft unleashes 31 fixes on Patch Tuesday

From ZDNet Ryan Naraine Microsoft’s batch of patches this month is a big one: 10 bulletins covering a total of 31 documented vulnerabilities affecting the Windows OS, the Internet Explorer browser and the Microsoft Office productivity suite Word, Works and Excel. Five of the 10 bulletins are rate...

Inside Patch Tuesday: MS patches IIS WebDav, PWN2OWN flaws

Microsoft released 10 security bulletins today. Six of the bulletins impact the Windows operating system, while one applies to the Internet Explorer browser and three affects Microsoft Office Word, Excel, Works. Some interesting notes for today: 1. Microsoft has patched the IIS WebDav 0-day. This...

A guide to the IIS WebDAV vulnerability

Even for the most experienced security professionals, understanding complex attacks and vulnerabilities sometimes can be a serious challenge. A perfect example is the recent Microsoft IIS WebDAV vulnerability, which surfaced last week and has yet to be patched by Microsoft. It’s a complicated...

MS Windows WebDav III remote root Exploit (xwdav)

No description provided by source. / IIS 5.0 WebDAV Exploit Xnuxer Lab By Schizoprenic, Copyright c 2003 WebDAV exploit without netcat or telnet and with pretty magic number as RET / include stdio.h include errno.h include string.h include stdlib.h include fcntl.h include sys/types.h include...

MS Windows IIS WebDAV XML Denial of Service Exploit (MS04-030)

Exploit for unknown platform in category dos / poc ============================================================== MS Windows IIS WebDAV XML Denial of Service Exploit MS04-030 ============================================================== !/usr/bin/perl IIS BlowOut POC exploit for MS04-030. Found ...

IIS WebDav Denial of Service attacks - Update to SPI Dynamics

In SPI Dynamics own advisory it mentions that IIS will restart itself - whilst this is true, by supplying a specific number of bytes, we can terminate all the threads, but leaving INETINFO still alive. Despite INETINFO not dying, the process will no longer serve any requests. This provides a more...

def-2001-26: IIS WebDav Lock Method Memory Leak DoS

====================================================================== Defcom Labs Advisory def-2001-26 IIS WebDav Lock Method Memory Leak DoS Author: Peter Grьndl [email protected] Release Date: 2001-05-17 ======================================================================...