CVE-2015-4408

The CVE-2015-4408 issue affects Hikvision NVR models DS-76xxNI-E1/2 and DS-77xxxNI-E4 prior to version 3.4.0. A buffer overflow in the ISAPI HTTP handling allows remote authenticated users to cause a denial of service (service interruption) by sending a crafted HTTP request. Impact is specificall...

CVE-2015-4408

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service service interruption via a crafted HTTP request, aka the ISAPI issue...

Apache Tomcat JK ISAPI Connector Buffer Overflow Vulnerability

Apache Tomcat JK ISAPI Connector is a module for Apache or IIS to connect to the backend Tomcat , which supports clustering and load balancing and so on. A buffer overflow vulnerability exists in Apache Tomcat JK ISAPI Connector, which allows remote attackers to send specially crafted URIs to the...

Microsoft IIS 5.0 ISAPI Internet Printing Protocol Extension Buffer Overflow - ver 2 (CVE-2001-0241)

A buffer overflow in this extension IIS 5.0 can permit remote attackers to execute arbitrary code on the web server with the same privileges as the web server. The ISAPI .printer extension permits the submitting and controlling of print jobs over HTTP. There exists an unchecked buffer in the Host...

Ipswitch MOVEit DMZ MOVEitISAPI Information Disclosure Vulnerability

Ipswitch MOVEit is an automated file transfer system from Ipswitch USA. DMZ and Mobile are among the versions. Ipswitch MOVEit A security vulnerability exists in the MOVEitISAPI service of DMZ due to the sending of different error messages based on the presence or absence of a FileID. A remote...

Microsoft IIS 5.0 ISAPI Internet Printing Protocol Extension Buffer Overflow - Ver2 (CVE-2001-0241)

A buffer overflow in this extension IIS 5.0 can permit remote attackers to execute arbitrary code on the web server with the same privileges as the web server. The ISAPI .printer extension permits the submitting and controlling of print jobs over HTTP. There exists an unchecked buffer in the Host...

NT IIS4 Remote Web-Based Administration Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/189/info Web-based administration for IIS 4.0 is, by default, limited to the local loopback address, 127.0.0.1. In instances where IIS4.0 was installed as an upgrade to IIS 2.0 or 3.0, a legacy ISAPI DLL ISM.DLL is left i...

MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (2)

No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...

Microsoft IIS 4.0 ISAPI Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1911/info The ASP ISAPI file parser does not properly execute certain malformed ASP files that contain scripts with the LANGUAGE parameter containing a buffer of over 2200 characters and have the RUNAT value set as...

Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow

No description provided by source. $Id: ms03051fp30regchunked.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and ter...

Microsoft IIS 4.0/5.0 Source Fragment Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1488/info Microsoft IIS 4.0 and 5.0 can be made to disclose fragments of source code which should otherwise be inaccessible. This is done by appending +.htr to a request for a known .asp or .asa, .ini, etc file. Appending...

Microsoft URLScan 2.5/ RSA Security SecurID 5.0 Configuration Enumeration Weakness

No description provided by source. source: http://www.securityfocus.com/bid/8419/info A weakness has been discovered in Microsoft URLScan and RSA Security SecurID when used in conjunction on a web server. The problem is said to occur due to the order in which the products are placed within the...

MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (1)

No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...

NewAtlanta ServletExec/ISAPI 4.1 Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4793/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. ServletExec/ISAPI discloses the absolute path to the webroot directory when sen...

NewAtlanta ServletExec/ISAPI 4.1 File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4795/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. ServletExec/ISAPI will disclose the contents of arbitrary files within the...

Working Resources BadBlue 1.7.1 Search Page Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6253/info The ext.dll ISAPI does not sufficiently sanitize user-supplied input when processing search queries. This may allow an attacker to create a custom URL containing script code that, when viewed in a browser by a...

Microsoft IIS 2.0/3.0/4.0 ISAPI GetExtensionVersion() Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/501/info IIS and potentially other NT web servers have a vulnerability that could allow arbitrary code to be run as SYSTEM. This works because of the way the server calls the GetExtensionVersion function the first time an...

MS Windows 2000 sp1/sp2 isapi - .printer Extension Overflow Exploit (2)

No description provided by source. / IIS 5 remote .printer overflow. jill.c don't ask. by: dark spyrit [email protected] respect to eeye for finding this one - nice work. shouts to halvar, neofight and the beavuh bitchez. this exploit overwrites an exception frame to control eip and get to our...

John Roy Pi3Web 1.0.1 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2381/info A buffer overflow vulnerability has been reported in John Roy Pi3Web web server. The ISAPI application within the server fails to properly handle user supplied input. Requesting a specially crafted URL will caus...

Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/2674/info Windows 2000 Internet printing ISAPI extension contains msw3prt.dll which handles user requests. Due to an unchecked buffer in msw3prt.dll, a maliciously crafted HTTP .printer request containing approx 420 bytes...