Microsoft Indexing Services for Windows 2000 File Verification Vulnerability

No description provided by source. source : http://www.securityfocus.com/bid/1933/info Microsoft Windows 2000 Indexing Services is a search engine that will allow a user to perform full-text searches of online sites using their browsers. Search results include Word, Excel, PowerPoint, and HTML...

Microsoft Indexing Services for Windows 2000/NT 4.0 .htw Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1861/info A cross-site scripting vulnerability has been reported in Microsoft Indexing Services for Windows 2000/NT4 and its handling of the .htw extension. If a user inadvertantly opened a hostile link through a browser ...

Microsoft Security Bulletin MS00-084: Patch Available for 'Indexing Services Cross Site Scripting' Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- - - ----------------------------------------------------------------- Title: Patch Available for 'Indexing Services Cross Site Scripting' Vulnerability Released: 02 November 2000 Revised: 09 April 2003 version 2.0 Software: Microsoft Indexing Services for Window...

Microsoft Windows 2000 Indexing Services enumerates local file locations via ixsso.query ActiveX object

Overview Index Server 2.0 and the Indexing Service 3.0 contain a vulnerability that may allow remote intruders to gain information about files on the local computer. Description Index Server 2.0 and Indexing Service 3.0 are services that allow information about local files to be queried via a web...

CVE-2000-0942

The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting CSS attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability...

CVE-2000-0942

CVE-2000-0942 affects the CiWebHitsFile component of Microsoft Indexing Services for Windows 2000. The vulnerability allows remote attackers to perform a cross-site scripting (XSS) attack via a CiRestriction parameter in a .htw request. The NVD/connected records confirm the impact as a partial co...

CVE-2000-1105

The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled...

Security Bulletin MS00-098

====================================================================== Issue: ActiveX control in Indexing Services could allow web application to read file properties Date: 19 December 2000 Affected Software: Index Server 2.0 ships in Windows NT 4.0 Option Pack; Indexing Services 3.0 ships in...

Проблема с ActiveX в Microsoft Indexing Services

Через ActiveX возможно получить список и аттрибуты файлов...

CVE-2000-1105

The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled...

CVE-2000-1105

The CVE-2000-1105 vulnerability relates to the ixsso.query ActiveX control, which is incorrectly marked safe-for-scripting. CERT details show that Index Server 2.0 and Indexing Service 3.0 expose a web-accessible interface allowing remote attackers to enumerate local files on a Windows 2000 syste...

CVE-2000-0942

The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting CSS attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability...

Microsoft Indexing Service (Windows 2000) - File Verification

Microsoft Indexing Service Windows 2000 - File Verification Demo - IE 5.x Win2000 Indexing service vulnerability Demo - IE 5.x Win2000 Indexing service vulnerability Legal Notice: This Advisory and Demonstration is Copyright c 2000 Georgi Guninski. You may distribute it unmodified. You may not...

Security Bulletin (MS00-084)

Microsoft Security Bulletin MS00-084 - -------------------------------------- Patch Available for "Indexing Services Cross Site Scripting" Vulnerability Originally posted: November 02, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr...

Microsoft Indexing Service (Windows 2000NT 4.0) - .htw Cross-Site Scripting

Microsoft Indexing Service Windows 2000NT 4.0 - .htw Cross-Site Scripting source: https://www.securityfocus.com/bid/1861/info A cross-site scripting vulnerability has been reported in Microsoft Indexing Services for Windows 2000/NT4 and its handling of the .htw extension. If a user inadvertantly...

Microsoft Indexing Service (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting

source: https://www.securityfocus.com/bid/1861/info A cross-site scripting vulnerability has been reported in Microsoft Indexing Services for Windows 2000/NT4 and its handling of the .htw extension. If a user inadvertantly opened a hostile link through a browser or HTML compliant e-mail client,...

Microsoft Index Server 2.0 Indexing Service (Windows 2000) - Directory Traversal

Microsoft Index Server 2.0 Indexing Service Windows 2000 - Directory Traversal // source: https://www.securityfocus.com/bid/950/info Index Server 2.0 is a utility included in the NT 4.0 Option Pack. The functionality provided by Index Service has been built into Windows 2000 as Indexing Services...