322 matches found
MS01-048: RPC Endpoint Mapper Malformed Request DoS (305399)
The hotfix for the 'RPC Endpoint Mapper Service on NT 4 has not been applied' problem has not been applied. Because the endpoint mapper runs within the RPC service itself, exploiting this vulnerability would cause the RPC service to fail, with the attendant loss of any RPC-based services the serv...
the other IE cookie stealing bug (MS01-055)
The patch for MS01-055 released today by Microsoft includes three fixes. Two of them are for cookie stealing bugs. One of those cookie stealing bugs was previously publicized on bugtraq, details on the other are now available at http://alive.znep.com/marcs/security/iecookie2/ This document is...
MS01-046: IrDA Driver Malformed Packet Remote DoS (252795)
The hotfix for the 'IrDA access violation patch' problem has not been applied. This vulnerability can allow an attacker who is physically near the W2K host to shut it down using a remote control. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10734;...
Security Bulletin MS01-038
---------------------------------------------------------------------- Title: Outlook View Control Exposes Unsafe Functionality Date: 12 July 2001 Software: Outlook 98, 2000, and 2002 Impact: Run code of attacker's choice via either web page or HTML e-mail. Bulletin: MS01-038 Microsoft encourages...
CVE-2001-0336
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request...
Microsoft Internet Explorer (IE) permits modification of URL displayed in address bar
Overview A vulnerability exists in Microsoft Internet Explorer which could could enable an attacker to spoof trusted web sites. Description A vulnerability exists in Microsoft Internet Explorer. This vulnerability could enable a web page to display the URL from a different web site in the IE...
MS01-003: Winsock2ProtocolCatalogMutex Mutex Local DoS (279336)
By default, Windows NT sets weak permissions on the Winsock mutex. A local user without any privilege may abuse these permissions to lock the mutex indefinitely and, therefore, disrupt the network operations of the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description...
ntsecurity.nu advisory: Winsock Mutex Vulnerability in Windows NT 4.0 SP6 and below
-- Winsock Mutex Vulnerability in Windows NT 4.0 SP6 and below -- Author: Arne Vidstrom [email protected] - http://ntsecurity.nu Severity: Denial Of Service if the attacker is able to execute the exploit code under any account on the system. Remote exploitation is not possible. Details:...
Security Bulletin (MS00-089)`
Microsoft Security Bulletin MS00-089 - -------------------------------------- Patch Available for "Domain Account Lockout" Vulnerability Originally posted: November 21, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Windows 2000. The...
Update: Microsoft Security Bulletin (MS00-086)
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-086 - -------------------------------------- Patch...
Security Bulletin (MS00-087)
Microsoft Security Bulletin MS00-087 - -------------------------------------- Patch Available for "Terminal Server Login Buffer Overflow" Vulnerability Originally posted: November 08, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Window...
Security Bulletin (MS00-086)
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-086 - -------------------------------------- Patch...
Wang/Kodak Image Annotation ActiveX Control
Overview Description The Image Annotation control is incorrectly marked safe for scripting. This control is sometimes identified as from "Kodak" and other times as from "Wang". The Image Annotation control is one of several controls used to provide image editting services through a web site...
New Allaire Security Zone Bulletins Posted
Dear Allaire Customer -- New security issues that may affect Allaire customers have recently come to our attention. Please visit the Security Zone at the Allaire Web site to learn about these new issues and what actions you can take to address them: http://www.allaire.com/security This week we...
Security Bulletin (MS00-079)
Microsoft Security Bulletin MS00-079 - - -------------------------------------- Patch Available for "HyperTerminal Buffer Overflow" Vulnerability Originally posted: October 18, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in the HyperTerminal...
Security Bulletin (MS00-074)
Microsoft Security Bulletin MS00-074 - -------------------------------------- Patch Available for "WebTV for Windows Denial of Service" Vulnerability Originally posted: October 11, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr WebTV for...
HHControl Object (showHelp) may execute shortcuts embedded in help files
Overview The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file CHM to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not...
MS00-067: Telnet Client NTLM Authentication Vulnerability (272743)
The hotfix for the 'Telnet Client NTLM Authentication' problem has not been applied. This vulnerability may, under certain circumstances, allow a malicious user to obtain cryptographically protected login credentials from another user. C Tenable Network Security, Inc. include"compat.inc"; if...
Security Bulletin (MS00-067)
Microsoft Security Bulletin MS00-067 - --------------------------------------- Patch Available for "Windows 2000 Telnet Client NTLM Authentication" Vulnerability Originally posted: September 14, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in the...
MS00-065: Still Image Service Privilege Escalation patch (272736)
The hotfix for the 'Still Image Service Privilege Escalation' problem has not been applied. This vulnerability allows a malicious user, who has the right to log on this host locally, to gain additional privileges on this host. C Tenable Network Security, Inc. include"compat.inc"; if description...