Атака через web-формы (HTML Form Protocol Attack)

Содержимое формы может быть передано в любой порт эмулируя работу какого-либо протокола...

Advisory for Netcruiser

Advisory for NetCruiser 0.1.2.8 Netcruiser is made by Netcuiser Software Site: http://www.netcruiser-software.com by nemesystm of the DHC http://dhcorp.cjb.net - [email protected] ADV-0110 /-|=explanation=|- Netcruiser is a webserver. It has a simple path revealance bug. /-|=who is...

Savant 3.0 Denial Of Service

Not exactly sure what the problem is because it will handle the same request from a program that does the same thing. "Time is a factor" so pay attention man ;P Connect to the server using telnet or somthing and type in the following: GET / HTTP/1.1 Host:AAAAAAAAAAAAAAAAAAAA..... Where A x 260, h...

Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service (MS00-070)

Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service MS00-070 source: https://www.securityfocus.com/bid/1743/info LPC Local Procedure Call is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC Remote Procedur...

Web Server HTTP Dangerous Method Detection

The PUT method allows an attacker to upload arbitrary web pages on the server. If the server is configured to support scripts like ASP, JSP, or PHP it will allow the attacker to execute code with the privileges of the web server. The DELETE method allows an attacker to delete arbitrary content fr...

Microsoft IIS 2.03.04.05.05.1 - Internal IP Address Disclosure

Microsoft IIS 2.03.04.05.05.1 - Internal IP Address Disclosure source: https://www.securityfocus.com/bid/1499/info When a remote user attempts to access an area protected by basic authentication with no realm defined, while specifying HTTP 1.0, Microsoft IIS will return an Access Denied error...

CVE-1999-1011

CVE-1999-1011 affects the RDS DataFactory component of Microsoft MDAC used by IIS 3.x/4.x, enabling remote command execution via unsafe DataFactory methods in msadcs.dll. Public docs reference MS99-025 security bulletin and multiple advisories; exploit code and modules exist (e.g., Metasploit MSS...

CVE-1999-0448

IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request...

CVE-1999-0448

The CVE-1999-0448 issue affects IIS 4.0 and Apache by allowing remote control over log HTTP request methods so that the actual requested URL can be hidden. Root cause is how the log records capture the method, potentially truncating or misrepresenting the request, enabling a malicious user to con...

CVE-1999-1484

Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control setupbbs.ocx allows a remote attacker to execute arbitrary commands via the methods 1 vAddNewsServer or 2 bIsNewsServerConfigured...

foolproof.txt

Fooling Foolproof Security By Nightmare Foolproof security is a program that runs on a windows 9x box. The purpose of foolproof I guess is to keep people that don't know really know what they are doing from messing with stuff. It can be quite a annoying program if you are trying to do anything wi...

netscape.bookmarks.title.js.txt

Date: Sun, 16 May 1999 17:17:34 +0300 From: Georgi Guninski To: [email protected] Subject: Netscape Communicator bookmarks security vulnerability There is a security bug in Netscape Communicator 4.51 Win95, 4.07 Linux guess all 4.x versions are affected in the way they handle special bookmarks...

ms.exchange.outlook.javascript.txt

Date: Fri, 5 Mar 1999 11:30:56 -0000 From: Mat Newman To: "'[email protected]'" Subject: Exchange server web access You may have heard about this but... If someone is accessing Exchange server via the web then you can embed javascript into the email to get it to delete the contents of...

cable.modem.ip.hijack.txt

Cable Modem IP Hijacking in Win95/98 The purpose of this is to show you how bad cable modems security is and that even with a win box you can take someone else's IP. You can hijack IP's using a cable modem and it's very simple in any operating system. Just follow the steps: 1 Choose someone's IP...

defeat.solaris.nonexec.stack.txt

Hi, I've recently been playing around with bypassing the non-executable stack protection that Solaris 2.6 provides. I'm referring to the mechanism that you control with the noexecuserstack option in /etc/system. I've found it's quite possible to bypass this protection, using methods described...

bandwidthrape.txt

Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping Bandwidth Raping...

Microsoft Commercial Internet System 2.0/2.5 / IIS 4.0 / Site Server Commerce Edition 3.0 alpha/3.0 - Denial of Service

Microsoft Commercial Internet System 2.0/2.5,IIS 4.0,Site Server Commerce Edition 3.0 alpha/3.0 i386 Malformed HTTP Request Header DoS source: https://www.securityfocus.com/bid/579/info Microsoft IIS and all other products that use the IIS web engine have a vulnerability whereby a flood of...

SGI Advanced Linux Environment 3.0 SGI IRIX 6.5.4 SGI UNICOS 10.0 6 - arrayd.auth Default Configuration

SGI Advanced Linux Environment 3.0 SGI IRIX 6.5.4 SGI UNICOS 10.0 6 - arrayd.auth Default Configuration / source: https://www.securityfocus.com/bid/530/info The SGI Array Services provide a mechanism to simplify administering and managing an array of clustered systems. The arrayd1m program is par...

CVE-1999-0448

IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request...

PT-1999-1131 · Microsoft +1 · Iis +1

Name of the Vulnerable Software and Affected Versions: IIS version 4.0 Apache affected versions not specified Description: The issue allows a remote attacker to hide the URL they are requesting by taking advantage of how IIS 4.0 and Apache log HTTP request methods, regardless of their length...