10 matches found
Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities
source: https://www.securityfocus.com/bid/19636/info Microsoft Windows 2000 is prone to multiple memory-corruption vulnerabilities that are related to the instantiation of COM objects. These issues ma...
Microsoft Windows Server 2000 Kernel - APC Data-Free Local Escalation (MS05-055)
helper.c commented out below ms05-055.c /str0ke. MS05-055 Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability Exploit. Created by SoBeIt 12.25.2005. Main file of exploit. Tested on: Windows 2000 PRO...
Microsoft Windows Server 2000 - UPNP 'getdevicelist' Memory Leak Denial of Service
Author: Winny Thomas, Nevis Labs, Pune, INDIA. Details: While working on the exploit for MS05-047 I came across a condition where a specially crafted request to upnpgetdevicelist would cause services.exe to consume memory to a point where the target machine's virtual memory gets exhausted. This...
Microsoft Windows Server 2000 - WINS Remote Code Execution
ZUCWins 0.1 - Wins 2000 remote root exploit. Exploit by: zuc. works on Windows 2000 SP3/SP4 probably every language...
Microsoft Windows Server 2000 - RPC DCOM Interface Denial of Service
// This is a new unpatched vulnerability - NOT the MS03-026 unsigned char bindstr= 0x05,0x00,0x0B,0x03,0x10,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x7F,0x00,0x00,0x00,...
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)
// source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain...
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)
// source: https://www.securityfocus.com/bid/8128/info It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. / tac0tac0.c - pay no attention to the name, long...
Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow
// source: https://www.securityfocus.com/bid/7411/info A problem has been reported in Microsoft Windows. Due to improper bounds checking by the regedit.exe program, it may be possible for a local attacker to execute...
Microsoft Windows Server 2000 - 'RegEdit.exe' Registry Key Value Buffer Overflow
// source: https://www.securityfocus.com/bid/7411/info A problem has been reported in Microsoft Windows. Due to improper bounds checking by the regedit.exe program, it may be possible for a local attacker to execute arbitrary code as another user. / 09/04/2003...
Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (2)
IIS 5 remote .printer overflow. "jill.c" don't ask. by: dark spyrit. respect to eeye for finding this one - nice work. shouts to halvar, neofight and the beavuh bitchez. this exploit overwrites an exception frame to contr...