Microsoft Windows XP Source Code Reportedly Leaked Online

Microsoft's long-lived operating system Windows XP—that still powers over 1% of all laptops and desktop computers worldwide—has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft's 19-year-old operating system was...

MS IE 5.0/4.0.1 hhopen OLE Control Buffer Overflow Vulnerability

No description provided by source. Microsoft Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4/Internet Explorer 4.0.1 for Windows 98/Windows NT 4.0 hhopen OLE Control Buffer Overflow Vulnerability source: http://www.securityfocus.com/bid/669/info There is a buffer overflo...

Microsoft IIS 4.0 .HTR Path Overflow

No description provided by source. $Id: ms02018htr.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Microsoft Internet Explorer 5.0 HTML Form Control DoS

No description provided by source. Microsoft Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4 HTML Form Control DoS source: http://www.securityfocus.com/bid/606/info Certain Microsoft applications IE5, Outlook Express 5 are unable to display large HTML form fields within HTML tables...

Microsoft Internet Explorer 5.0 FTP Password Storage Vulnerability

No description provided by source. Microsoft Internet Explorer 5.0 for Windows 2000/Windows NT 4 FTP Password Storage Vulnerability source: http://www.securityfocus.com/bid/610/info FTP usernames and passwords for sites accessed via Internet Explorer 5.X are stored cleartext in history files stor...

Microsoft Windows 2000/NT 4 TCP Stack DoS Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/3967/info An issue exists in Windows which could cause the TCP stack to consume all available system memory. This is achieved if a user sends numerous empty TCP packets to a host on port 139. Successful exploitation of th...

MS IE 5.0 for Windows 2000/95/98/NT 4 XML HTTP Redirect Vulnerability

No description provided by source. MS IE 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4 XML HTTP Redirect Vulnerability source: http://www.securityfocus.com/bid/815/info A vulnerability in the method IE5 uses to process XML data may allow a malicious web site owner to read files on a...

F-Secure BackWeb 6.31 Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10055/info A vulnerability has been reported in F-Secure BackWeb that may permit local attackers to gain system level privileges. The source of this vulnerability is that certain areas within the BackWeb interface permit...

MS IE 4.0 for Windows 95/Windows NT 4 Setupctl ActiveX Control Buffer Overflow

No description provided by source. Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4 Setupctl ActiveX Control Buffer Overflow source: http://www.securityfocus.com/bid/667/info There is a buffer overflow in the setupctl ActiveX control that used to ship with some versions of Microsoft's...

Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/7116/info The Windows library ntdll.dll includes a function that does not perform sufficient bounds checking. The vulnerability is present in the function RtlDosPathNameToNtPathNameU and may be exploited through other...

Microsoft Windows 2000/NT 4 TCP Stack DoS Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/3967/info An issue exists in Windows which could cause the TCP stack to consume all available system memory. This is achieved if a user sends numerous empty TCP packets to a host on port 139. Successful exploitation of th...

Microsoft IIS 4.0 - '.htr' Path Overflow (MS02-018) (Metasploit)

$Id: ms02018htr.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Outlook Express 6 恶意附件保护绕过漏洞

BUGTRAQ ID: 3271 微软OutLook Express 6中带了一个新的安全特性，额可以阻止用户打开或者保存可能有 害的附件。 然而，这个特性存在一个漏洞。攻击者可以通过在邮件中嵌入一个frame来绕过上述保护。 当攻击者在frame中嵌入一个".exe"或者“.bat"文件时，如果用户试图打开这个文件，恶 意程序可能被执行。用户也可以将其保存在硬盘上。 Microsoft Outlook Express 6.0 - Microsoft Windows ME - Microsoft Windows 98se - Microsoft Windows 98 - Microsof...

MS02-018 Microsoft IIS 4.0 .HTR Path Overflow

This exploits a buffer overflow in the ISAPI ISM.DLL used to process HTR scripting in IIS 4.0. This module works against Windows NT 4 Service Packs 3, 4, and 5. The server will continue to process requests until the payload being executed has exited. If you've set EXITFUNC to 'seh', the server wi...

Microsoft Windows DHCP Server Logging Remote Denial Of Service Vulnerability

Description Microsoft Windows DHCP server on NT 4 server platforms is reported susceptible to a remote denial of service vulnerability in its logging functionality. This issue is due to a failure of the application to properly handle user-supplied network input. This vulnerability allows remote...

CVE-2003-0818

Multiple integer overflows in Microsoft ASN.1 library MSASN1.DLL, as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with 1 very large length fields that cause...

Microsoft Windows 2000NT 4 - RPC Locator Service Remote Overflow

Microsoft Windows 2000NT 4 - RPC Locator Service Remote Overflow / rpcexp.c RPC LOCATOR Exploit Autor: Marcin Wolak mail: [email protected] Last update: 30 march 2003 / / About Compilation: What You need to compile rpcexp.c ? 1. MS Platform SDK August SDK is sufficient. 2. Compilator f.e. MS Visual...

Webtraversal in PCI Netsupport Manager (all version up to 7 using web extensions)

It is possible to view and download files on machines running PCI Netsupport Manager all version up to 7 that have the web extensions switched on default port 80. This has only been tested on Windows NT 4 server and workstation and Windows 2000 Pro , Server and Advanced server. Example on a...

602Pro Lan Suite Denial Of Service

This problem was found with Version 2000A build 2000.1.0.35 latest version. The problem is effective locally and remotely on NT-4 and Windows 98.I haven't tested others. I dont have anything fancy to say about it really. Just somthing that was overlooked by the developers as was the last problem...

Savant 3.0 Denial Of Service

Not exactly sure what the problem is because it will handle the same request from a program that does the same thing. "Time is a factor" so pay attention man ;P Connect to the server using telnet or somthing and type in the following: GET / HTTP/1.1 Host:AAAAAAAAAAAAAAAAAAAA..... Where A x 260, h...