Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow (2)

Microsoft IIS 5.0 - .printer ISAPI Extension Buffer Overflow 2 / source: https://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer...

Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (4)

source: https://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes in the 'Host:' field will allow t...

Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (1)

source: https://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes in the 'Host:' field will allow t...

Microsoft IIS 5.0 - '.printer' ISAPI Extension Buffer Overflow (2)

/ source: https://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes in the 'Host:' field will allow...

Vulnerabilities in Pi3Web Server

----- Begin Hush Signed Message from [email protected] ----- Vulnerabilities in Pi3Web Server Overview Pi3Web v1.0.1 is a web server available from http://www.zdnet.com. A vulnerability exists in the server's internal ISAPI handling procedures which results in a buffer overflow. The server al...

John Roy Pi3Web 1.0.1 - Buffer Overflow

John Roy Pi3Web 1.0.1 - Buffer Overflow source: https://www.securityfocus.com/bid/2381/info A buffer overflow vulnerability has been reported in John Roy Pi3Web web server. The ISAPI application within the server fails to properly handle user supplied input. Requesting a specially crafted URL wil...

John Roy Pi3Web 1.0.1 - Buffer Overflow

source: https://www.securityfocus.com/bid/2381/info A buffer overflow vulnerability has been reported in John Roy Pi3Web web server. The ISAPI application within the server fails to properly handle user supplied input. Requesting a specially crafted URL will cause the buffer to overflow and...

Дырка в HTR-файлах IIS

С помощью некорректного запроса к HTR-файлу можно подвесить обрарбатывающий его ISAPI фильтр. Кроме того, через HTR ISAPI ISM.DLL можно получить фрагменты некоторых файлов...

CVE-2000-1147

Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag...

CVE-2000-1147

CVE-2000-1147 describes a buffer overflow in the IIS ISAPI .ASP parsing mechanism, enabling attackers to execute arbitrary commands by sending a long string in the LANGUAGE argument of a script tag. The vulnerability is categorized with a MEDIUM base score (CVSS v2.0: AV:L/AC:L/Au:N/C:P/I:P/A:P) ...

Microsoft IIS 4.0 - ISAPI Buffer Overflow

Microsoft IIS 4.0 - ISAPI Buffer Overflow source: https://www.securityfocus.com/bid/1911/info The ASP ISAPI file parser does not properly execute certain malformed ASP files that contain scripts with the LANGUAGE parameter containing a buffer of over 2200 characters and have the RUNAT value set a...

Microsoft IIS 4.0 - ISAPI Buffer Overflow

source: https://www.securityfocus.com/bid/1911/info The ASP ISAPI file parser does not properly execute certain malformed ASP files that contain scripts with the LANGUAGE parameter containing a buffer of over 2200 characters and have the RUNAT value set as 'server'. Depending on the data entered...

CVE-2000-0835

The CVE-2000-0835 issue affects Sambar Server 4.4 Beta 3 where the search.dll ISAPI Search utility allows remote reading of arbitrary directories by supplying a directory path in the query parameter. This causes information disclosure (confidentiality impact) without integrity or availability dis...

Security Bulletin (MS00-057)

Microsoft Security Bulletin MS00-057 - -------------------------------------- Patch Available for "File Permission Canonicalization" Vulnerability Originally posted: August 10, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Internet...

CVE-2000-0246

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability...

CVE-2000-0246

The vulnerability CVE-2000-0246 affects Microsoft IIS 4.0/5.0 where ISAPI extension processing fails for a virtual directory mapped to a UNC share, enabling remote attackers to read ASP source and other files. OpenVAS/Nessus entries confirm ASP/HTR source disclosure via UNC-path access. No remedi...

RFP2K02: "Netscape engineers are weenies!"

----- UMBRA Advisory RFP2K02 -------------------------- rfp.labs --------- "Netscape engineers are weenies!" A back door in Microsoft FrontPage extensions/authoring components ------------------------------------- Alf Serer / [email protected] - rain forest puppy / [email protected] Table of...

RFP2K02.txt

----- UMBRA Advisory RFP2K02 -------------------------- rfp.labs --------- "Netscape engineers are weenies!" A back door in Microsoft FrontPage extensions/authoring components ------------------------------------- Alf Serer / [email protected] - rain forest puppy / [email protected] Table of...

CVE-2000-0246

IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability...

CVE-2000-0097

The CVE-2000-0097 vulnerability concerns Microsoft IIS WebHits ISAPI Filter used with Microsoft Index Server. The OpenVAS Active Check entries reference MS00-06 and confirm that the WebHits filter allows remote attackers to read arbitrary files via crafted requests (Mal-formed Hit-Highlighting Ar...