PostNuke 0.750.76 Blocks Module - Directory Traversal

PostNuke 0.750.76 Blocks Module - Directory Traversal source: https://www.securityfocus.com/bid/13636/info PostNuke Blocks module is affected by a directory traversal vulnerability. The problem presents itself when an attacker passes a name for a target file, along with directory traversal...

windows 9x/NT/2k/XP PEB method 31 bytes

Exploit for win32 platform in category shellcode ======================================= Windows 9x/NT/2k/XP PEB method 31 bytes ======================================= / 004045F4 6A 30 PUSH 30 004045F6 59 POP ECX 004045F7 64:8B09 MOV ECX,DWORD PTR FS:ECX 004045FA 85C9 TEST ECX,ECX 004045FC 78 0C...

mozilla -- NULL bytes in FTP URLs

When handling FTP URLs containing NULL bytes, Mozilla will interpret the file content as HTML. This may allow unexpected execution of Javascript when viewing plain text or other file types via FTP...

CVE-2002-2415

Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero null bytes sent via UDP to a running service...

CVE-2001-0738

LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service hang by causing null bytes to be placed in log messages...

CVE-2000-0983

Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service CPU utilization via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability...

CVE-2000-0837

CVE-2000-0837 affects FTP Serv-U 2.5e, where a remote attacker can cause a denial of service by sending a large number of null bytes to the FTP service. The underlying issue is the service crashing under大量 null-byte input (as documented in public advisories and the Nessus plugin for Serv-U 2.5e D...

CVE-2000-0983

Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service CPU utilization via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability...

CVE-2000-0837

FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes...

servu25e.txt

================================================================= Blue Panda Vulnerability Announcement: FTP Serv-U 2.5e 04/08/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ ================================================================= Problem: Sending FTP Serv-U a string...

Уязвимость в NTLMv1

Используется операция побитового илсключаещего или XOR с битовой последовательностью. Пароль передается как Unicode-строка, при этом используется большое количество нулевых байт в известных позициях, что позволяет обнаружить последовательность и извлечь пароль в случае перехвата пакета...

Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service

Microsoft SQL Server 7.07.0 SP1 - NULL Data Denial of Service // source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception...

Microsoft SQL Server 7.0/7.0 SP1 - NULL Data Denial of Service

// source: https://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 "fatal exception EXCEPTIONACCESS VIOLATION". / sqldos.c -- a DoS attack agains MS...