IIS 5.1 SP2 Detection (English Versions Only)

Binary data 3213.prm...

Immunity Canvas: MS05_043

Name| ms05043 ---|--- CVE| CVE-2005-1984 Exploit Pack| CANVAS Description| Windows Print Spooler Overflow Notes| References: http://www.microsoft.com/technet/security/Bulletin/MS05-043.mspx CVE Name: CVE-2005-1984 VENDOR: Microsoft MSADV: MS05-043 Repeatability: One shot Note: Run setthreadtoken0...

DSquare Exploit Pack: D2SEC_LOTUS_HASH

Name| d2seclotushash ---|--- CVE| CVE-2005-2428 Exploit Pack| D2ExploitPack Description| D2SEC Lotushash Notes|...

Immunity Canvas: MAILENABLE

Name| mailenable ---|--- CVE| CVE-2005-2223 Exploit Pack| CANVAS Description| MailEnable SMTP Stack Overflow Notes| CVE Name: CVE-2005-2223 VENDOR: MailEnable Post-exploitaion: Platforms Tested: Windows 2003 Standard edition base & up2date MailEnable 1.72 Windows 2003 Standard edition up2date...

Microsoft Security Bulletin MS05-036 Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214)

Microsoft Security Bulletin MS05-036 Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution 901214 Issued: July 12, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum...

CVE-2005-2079

CVE-2005-2079 describes a heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0–10.0 on Windows Servers. The flaw is capable of enabling remote attackers to execute arbitrary code. The root cause is a heap-based overflow in the Admin Plus Pack Option, leading to pot...

Microsoft Log Sink Class ActiveX control incorrectly marked "safe for scripting"

Overview The Microsoft Log Sink Class ActiveX control is incorrectly marked safe for scripting. This may allow a remote attacker to create or append to arbitrary files on a vulnerable system. Description ActiveXActiveX is a technology that allows programmers to create reusable software components...

[VulnWatch] Remote Unauthenticated Heap Overflow VERITAS Backup Exec Server for Windows

Mark Litchfield of NGSSoftware has discovered a high risk vulnerability in the Veritas Backup Exec Server for Windows which can allow remote code execution. Affected Products include - Backup Exec 10.0 for Windows Servers rev. 5484 Backup Exec 9.1 for Windows Servers rev. 4691 Backup Exec 9.0 for...

CVE-2005-2014

The "upload a language pack" feature in paFAQ 1.0 Beta 4 allows remote authenticated administrators to execute arbitrary PHP commands by uploading a malicious language pack...

CVE-2005-2014

The vulnerability CVE-2005-2014 affects the web-based FAQ system paFAQ 1.0 Beta 4 . The issue lies in the "upload a language pack" feature, which allows remote authenticated administrators to execute arbitrary PHP commands by uploading a malicious language pack. The CVE entry notes a MEDIUM sever...

CVE-2005-2014

The "upload a language pack" feature in paFAQ 1.0 Beta 4 allows remote authenticated administrators to execute arbitrary PHP commands by uploading a malicious language pack...

OpenServer 5.0.6 OpenServer 5.0.7 : nwprint privilege escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenServer 5.0.6 OpenServer 5.0.7 : nwprint privilege escalation Advisory number: SCOSA-2005.26 Issue date: 2005 May 25 Cross reference: sr893493 fz531721 erg712826 CAN-2005-0993 1. Problem Description Buffer overflow in...

Immunity Canvas: IPSWITCH_CAL

Name| ipswitchcal ---|--- CVE| CVE-2005-1252 Exploit Pack| CANVAS Description| Ipswitch Calendar Directory Traversal Notes| CVE Name: CVE-2005-1252 VENDOR: IPSwitch Reference: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=242 VersionsAffected: IMail 8.13 up to 8.2p1...

CVE-2005-1743

BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 does not properly handle when a security provider throws an exception, which may cause WebLogic to use incorrect identity for the thread, or to fail to audit security exceptions...

OpenServer 5.0.7 UnixWare 7.1.4 UnixWare 7.1.3 : Hyper-Threading information leakage

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenServer 5.0.7 UnixWare 7.1.4 UnixWare 7.1.3 : Hyper-Threading information leakage Advisory number: SCOSA-2005.24 Issue date: 2005 May 13 Cross reference: sr893223 fz531468 erg712804 sr893224 fz531469 erg712805...

Immunity Canvas: MS05_010

Name| ms05010 ---|--- CVE| CVE-2005-0050 Exploit Pack| CANVAS Description| Microsoft License Logging Service Buffer Overflow Notes| References: http://www.microsoft.com/technet/security/Bulletin/MS05-010.mspx CVE Name: CVE-2005-0050 CVE Url: https://vulners.com/cve/CVE-2005-0050 CVSS: 10.0 Note:...

Immunity Canvas: MAILENABLE_IMAP

Name| mailenableimap ---|--- CVE| CVE-2005-1015 Exploit Pack| CANVAS Description| mailenableimap Notes| CVE Name: CVE-2005-1015 VENDOR: MailEnable VersionsAffected: MailEnable Enterprise = 1.04 Repeatability: Repeatable. CVE Url: https://vulners.com/cve/CVE-2005-1015 CVSS: 10.0...

MS Jet Database (msjet40.dll) Reverse Shell Exploit

Exploit for unknown platform in category local exploits =================================================== MS Jet Database msjet40.dll Reverse Shell Exploit =================================================== Microsoft Jet msjet40.dll Reverse Shell Exploit Based on the exploit written by S.Pears...

CVE-2000-1217

Microsoft Windows 2000 before Service Pack 2 SP2, when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain...

Microsoft Security Bulletin MS05-017 Vulnerability in Message Queuing Could Allow Code Execution (892944)

Microsoft Security Bulletin MS05-017 Vulnerability in Message Queuing Could Allow Code Execution 892944 Issued: April 12, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Message Queuing MSMQ Impact of Vulnerability: Remote Code Execution Maximum Severity Ratin...