9282 matches found
NOVL-2002-2963349 - Rconag6 Secure IP Login Vulnerability - NW6SP2
For Immediate Disclosure. Summary: Security Alert: NOVL-2002-2963349 Title: Rconag6 Secure IP Login Vulnerability - NW6SP2 Date: 21-Aug-2002 Revision: Original Product Name: Netware 6 Service...
PT-2002-1747 · Microsoft · Windows 2000 +1
Name of the Vulnerable Software and Affected Versions: Windows NT versions prior to 4.0 SP3 Windows 2000 versions prior to SP3 Description: The issue allows local attackers to hide file usage activities by creating a hard link to the target file. This causes the link to be recorded in the audit...
Immunity Canvas: OPENSSL_KEYLEN

Name| opensslkeylen
---|---
CVE| CVE-2002-0656
Exploit Pack| CANVAS
Description| OpenSSL keyarglen Overflow
Notes| References: http://www.openssl.org/news/secadv20020730.txt CVE Name: CVE-2002-0656 VENDOR: OpenSSL Repeatability: Multiple WARNING: On busy webservers it might require couple of...

CVE-2002-0479
Gravity Storm Service Pack Manager 2000 creates a hidden share SPM2000c$ mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share...
Immunity Canvas: MSSQL_AUTH

Name| mssqlauth
---|---
CVE| CVE-2000-1209
Exploit Pack| CANVAS
Description| MSSQL Null Auth Connect
Notes| CVE Name: CVE-2000-1209 VENDOR: Microsoft OSVDB: http://www.osvdb.org/displayvuln.php?osvdbid=15757 Notes: Connect to a MSSQL server with auth or with null password and return a Shell Date...

Microsoft SQL Server 2000 - Resolution Service Heap Overflow
Microsoft SQL Server 2000 - Resolution Service Heap Overflow source: https://www.securityfocus.com/bid/5310/info A vulnerability in Microsoft SQL Server 2000 could allow remote attackers to access target hosts. A problem in the SQL Server Resolution Service allows a remote attacker to execute...
Sun iPlanet Web Server Buffer Overflow (#NISR09072002)
NGSSoftware Insight Security Research Advisory Name: iPlanet Search Buffer Overflow Systems: iWS 6.0 and iWS 4.1 Severity: High Risk if Search enabled Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.iplanet.com/ Author: David Litchfield Advisory URL:...
KPMG-2002029: Bea Weblogic Performance Pack Denial of Service
Title: Bea Weblogic Performance Pack Denial of Service BUG-ID: 2002029 Released: 8th Jul 2002 Problem: If the performance pack is enabled, the Bea...
Connection flood DoS against BEA Weblogic
If Performance Pack installed server crashes on connection flood...
Immunity Canvas: APACHECHUNK_WIN32

Name| apachechunkwin32
---|---
CVE| CVE-2002-0392
Exploit Pack| CANVAS
Description| Apache Chunk win32
Notes| References: http://www.apache.org CVE Name: CVE-2002-0392 VENDOR: Apache Notes: Apache 1.3 through 1.3.24 Repeatability: Multiple tries Date public: 06/17/2002 CERT Advisory:...

Microsoft SQL Server 2000 Microsoft Jet 4.0 Engine - Unicode Buffer Overflow (PoC)
Microsoft SQL Server 2000 Microsoft Jet 4.0 Engine - Unicode Buffer Overflow PoC source: https://www.securityfocus.com/bid/5057/info Microsoft SQL Server is prone to a remotely exploitable unicode-based buffer overflow condition. This condition occurs when the OpenDataSource function is used with...
CVE-2002-0479
Gravity Storm Service Pack Manager 2000 creates a hidden C: share (SPM2000c$) that maps to the system drive, enabling local users to bypass access restrictions on directories such as System32 via the hidden share. The sources document this behavior in the CVE-2002-0479 entry (NVD). No remediation...
CVE-2001-0716
Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service crash via a large number of incomplete connections to the server...
Immunity Canvas: SUNLOGIN

Name| sunlogin
---|---
CVE| CVE-2001-0797
Exploit Pack| CANVAS
Description| Sun Login Overflow
Notes| References: http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00029.html CVE Name: CVE-2001-0797 VENDOR: Sun Date public: 12/12/2001 CERT Advisory:...

Windows NT SNMP agent leaks memory
Overview The Microsoft SNMP agent, prior to Windows NT 4.0 Service Pack 4.0, will leak memory. Description Microsoft's SNMP agent, snmp.exe, prior to Windows NT 4.0 Service Pack 4.0, will leak memory if the OID cannot be decoded. Quoting from Microsoft KB article Q178381, If SNMP cannot decode an...
RADIX1112200103
Team RADIX Research Report: RADIX1112200103 Date Published: 11-12-2001 Research Report ID: RADIX1112200103 Bugtraq ID: 3291 CVE CAN: N/A Title: Denial of Service Vulnerability in Windows 2000 RunAs Service Class: Denial of Service Remotely Exploitable: No Locally Exploitable: Yes Vulnerability...
RADIX1112200102
Team RADIX Research Report: RADIX1112200102 Date Published: 11-12-2001 Research Report ID: RADIX1112200102 Bugtraq ID: 3184 CVE CAN: N/A Title: RunAs Sensitive Data Exposure Class: Sensitive data exposure Remotely Exploitable: No Locally Exploitable: Yes Vulnerability Description: The command lin...
RADIX1112200101
Team RADIX Research Report: RADIX1112200101 Date Published: 11-12-2001 Research Report ID: RADIX1112200101 Bugtraq ID: 3185 CVE CAN: N/A Title: RunAs Service Pipe Authentication Failure Class: Privilege Escalation and Information Disclosure Remotely Exploitable: No Locally Exploitable: Yes...
Microsoft Windows Index Server discloses sensitive configuration information via crafted request to SQLQHit.asp sample application
Overview Microsoft Windows Index Server ships with an optional sample package. A component of this package, SQLQHit.asp, can disclose sensitive information when sent crafted requests. Description The Microsoft Windows Index Server ships with optional sample files. While these files should never b...
Immunity Canvas: MS01_023

Name| ms01023
---|---
CVE| CVE-2001-0241
Exploit Pack| CANVAS
Description| IIS 5.0 IPP ISAPI .printer Overflow
Notes| CVE Name: CVE-2001-0241 VENDOR: Microsoft MSADV: MS01-023 VersionsAffected: Repeatability: References: http://www.microsoft.com/technet/security/bulletin/MS01-023.mspx CVE Url:...