322 matches found
80sec member kevin found an IIS 6.0 0day vulnerability - vulnerability warning - the black bar safety net
These two days have really not been easy: a wave of Linux udev has just been dealt with, and here comes a wave of IIS 6 vulnerabilities. Among the post-85 generation working in security, only a few are relatively good; 80sec's kevin is one of them, young and promising. This vulnerability, scratch no Ding, reproduced in...
The Ryan & Roel Show Episode 2
Clickjacking: Ryan and Roel tackle browser-threat hype – Tue, October 21, 2008 The cross-browser clickjacking threat, malware on new Asus EEE machines, phishing and the elections/financial crisis, the iPhone security mess, Microsoft Patch Tuesday and the exploding fraudware/rogueware problems...
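Microsoft Windows Media Components ISATAP URL Handling Information Disclosure Vulnerability (MS08-076)
BUGTRAQ ID: 32654 CVE(CAN) ID: CVE-2008-3010 The Windows Media components include several services and applications such as Windows Media Player, Windows Media Format Runtime and Windows Media Services....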
MS08-056: Microsoft Office CDO Protocol (cdo:) Content-Disposition: Attachment Header XSS (957699)
The remote host is running a version of Microsoft Office that is subject to an information disclosure flaw. When a user clicks on a special CDO URL, an attacker could inject a client side script that could be used to disclose information. To succeed, the attacker would have to send a rogue CDO UR...
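Microsoft Office WPG Image File Handling Heap Overflow Vulnerability (MS08-044)
BUGTRAQ ID: 30598 CVE(CAN) ID: CVE-2008-3021 Microsoft Office is a very popular office software suite. The WPGIMP32.FLT module of Office does not correctly handle PICT images in Office documents; if a PICT image file contains an overly long bitsperpixel field, opening the file may trigger a heap overflow, leading to arbitrary code execution. Microsoft Office XP SP3 Microsoft Office Converter Pack Microsoft Office 2003 Service Pack 2 Microsoft Office 2000 SP3...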
MS Internet Explorer .ANI Remote Stack Overflow (0.2)
No description provided by source. <!-- Changed location of InternetExploiter3.2.ani to point to sploits directory /str0ke --> Internet Exploiter 3 v0.2 .ANI stackoverflow PoC exploit. Copyright (C) 2003, 2004 by Berend-Jan Wever...
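Microsoft Word CSS Handling Memory Corruption Vulnerability (MS08-026)
BUGTRAQ ID: 29105 CVE(CAN) ID: CVE-2008-1434 Microsoft Word is the word processing software in the Office suite. A memory corruption vulnerability exists in the way Word handles specially crafted DOC documents: if the number of CSS selectors in a Word file opened by the user exceeds a certain value, an object is corrupted, causing Word to access a freed memory region. An attacker who successfully exploits this vulnerability can take complete control of the affected system. The attacker could then install programs; view, change or delete data; or create new accounts with full user rights. Microsoft Word Viewer 2003 SP1 Microsoft Word Viewer 2003 Microsoft Wo...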
MS07-065 Message Queuing Service RPC remote overflow analysis - vulnerability warning - the black bar safety net
Author: axis Date: 2007-12-17 Team: http://www.ph4nt0m.org Microsoft's patch link: http://www.microsoft.com/technet/security/bulletin/ms07-065.mspx According to the ZDI vulnerability description: The specific flaw exists in the RPC interface defined on port 2103 with UUID...
MS07-057: Cumulative Security Update for Internet Explorer (939653)
The remote host is missing the IE cumulative security update 939653. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(26963);...
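Microsoft Visio Document Packaging Remote Code Execution Vulnerability (MS07-030)
Microsoft Visio is the software in the Office suite used for drawing flowcharts. A memory corruption vulnerability exists in the way Microsoft Visio parses packed objects in the Visio file format; an attacker who successfully exploits this vulnerability may take complete control of the affected system. An attacker may exploit this vulnerability by creating a malicious Visio (.VSD, .VSS or .VST) file and enticing a user to open it; if the user visits a malicious website or opens a specially crafted Visio attachment contained in an e-mail, these files may allow remote execution of commands. Microsoft Visio 2003 Microsoft Visio 2002 Temporary workaround: Do not open or save Microsoft Visio files received from untrusted sources or received unexpectedly from trusted sources....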
More information on ZERT patch for ANI 0day
Hi, more information about the patch released April 1st can be found here: http://zert.isotf.org/ Including: 1. Technical information. 2. Why this patch was released when eeye already released a third party patch. The newly discovered zero-day vulnerability in the parsing of animated cursors is...
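Microsoft Visual Studio "WMI Object Broker" Control Code Execution Vulnerability (MS06-073)
Microsoft Visual Studio is Microsoft's family of development tool suites, a basically complete set of development tools that includes most of the tools needed across the whole software life cycle. The "WMI Object Broker" control of Visual Studio has a vulnerability in the creation and handling of instances, which a remote attacker may exploit to execute arbitrary malicious code on the user's machine. The WMI Object Broker ActiveX control bundled with Visual Studio allows instances of ActiveX controls already present on the system to be created. ActiveX objects created in this way bypass ActiveX security restrictions, such as ignoring the kill bit and safe for...
Microsoft Internet Explorer OBJECT Tag Memory Corruption Vulnerability (MS06-021)
Microsoft Internet Explorer is a very popular web browser released by Microsoft. IE has a memory corruption vulnerability when handling certain exceptional conditions. If a user is tricked into visiting a malicious site, IE allows objects to register exception handlers that may not correctly handle certain conditions; a specially sequenced nesting of "object" HTML tags triggers memory corruption, leading to arbitrary code execution. This vulnerability is a variant of CVE-2006-1992. Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 5.0 SP4 Temporary workaround:...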
Microsoft Windows Server service buffer overflow
Overview A stack-based buffer overflow exists in the Microsoft Server service. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code with SYSTEM privileges. Description Microsoft Server ServiceMS06-040 includes the following information: The Server service...
Internet Explorer Javaprxy.dll heap overflow
Added: 06/05/2006 CVE: CVE-2005-2087 BID: 14087 OSVDB: 17680 Background: Windows operating systems use the Component Object Model (COM) to allow various program components to be run within different applications. One such object, the JView Profiler (Javaprxy.dll), is a debugger interface for Microsoft...
Windows NetDDE buffer overflow
Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background: Network Dynamic Data Exchange (NetDDE) is a Windows service which allows two applications to communicate with each other over a network. Problem: A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...
Checks for MS HOTFIX for snmp buffer overruns
There is an unchecked buffer in the SNMP Service; this checks whether the Microsoft patch has been applied (only checks NT/Win2k and XP Pro). Impact of vulnerability: Run code of attacker's choice and denial of service attacks. Also may run snmp detect to see if snmp is running on this host. OpenV...
Microsoft SQL Server (MSSQL) Hello Overflow Vulnerability (Q316333) - Active Check
Microsoft SQL Server (MSSQL) is prone to a hello overflow vulnerability. SPDX-FileCopyrightText: 2002 Dave Aitel Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Dabber Worm Detection
W32.Dabber propagates by exploiting a vulnerability in the FTP server component of W32.Sasser.Worm and its variants. It installs a backdoor on infected hosts and tries to listen on port 9898. If the attempt fails, W32Dabber.A tries to listen on ports 9899 through 9999 in sequence until it finds a...