15 matches found
1C: Arcadia Internet Store 1.0 Arbitrary File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2902/info 1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. One of the components of this...
1C: Arcadia Internet Store 1.0 Show Path Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2904/info 1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. One of the components of this...
GoodTech SMTP Server <= 5.14 Denial of Service Exploit
No description provided by source. ===== Start GoodTechSMTPServerDOS.pl ===== Usage: GoodTechSMTPServerDOS.pl ip GoodTechSMTPServerDOS.pl 127.0.0.1 GoodTech SMTP Server for Windows NT/2000/XP version 5.14 Download: http://www.goodtechsys.com/ use IO::Socket; use strict; my$socket = ; if $socket =...
Fedora Update for ejabberd FEDORA-2011-16282
Check for the Version of ejabberd OpenVAS Vulnerability Test Fedora Update for ejabberd FEDORA-2011-16282 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for ejabberd FEDORA-2011-8415
Check for the Version of ejabberd OpenVAS Vulnerability Test Fedora Update for ejabberd FEDORA-2011-8415 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for ejabberd FEDORA-2010-1281
Check for the Version of ejabberd OpenVAS Vulnerability Test Fedora Update for ejabberd FEDORA-2010-1281 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
resin 1.2 目录遍历漏洞
Caucho Technology Resin 1.2.2存在一个安全问题。远程用户可以获取http根 目录之外的文件的读取权限。通过构造一个特别的包含'/..'或者'/...'的URL, 可能导致目录遍历。 此问题只影响在Windows NT/2000系统中安装的Resin. 测试方法: joetesta ([email protected]提供了如下演示代码: http://localhost:8080/../readme.txt 建议: 厂商补丁: Caucho Technology已经提供了Resin 1.2.3,此版本已经解决了此安全问题。 下载地址:...
Talking about the Ring0 privilege of obtain-vulnerability warning-the black bar safety net
Recently been trying to write a program to kill 3 6 0, but encountered a lot of trouble, even if elevated, the 能干 掉 Winlogon.exe 也 干 不 掉 360tray.exe depressed for half a day. Don't know 3 6 0 what weird means. Then find the Find the previous comparison of the bovine X-virus Panda burning incense...
WFTPD Pro Server 3.30.0.1 Denial Of Service
/\ Title: WFTPD Pro Server 3.30.0.1 pre auth Multiple Remote Denial of Service Vulnerabilities Summary: Professional FTP server for Windows NT / 2000 / XP / 2003 Desc: WFTPD Pro Server 3.30.0.1 suffers from multiple remote vulnerabilities which resolves in denial of service. Several commands are...
Microsoft IE 5.01/5.5 DHTMLED远程文件读取漏洞
Microsoft IE 5.5/5.01中DHTMLED(动态HTML编辑控制)部分的实现存在安全问题。可能允许 一个恶意站点非法读取远程客户主机上的已知文件的内容。这种攻击也可以通过发送HTML格式的 邮件给那些使用Outlook的用户来实现。 动态HTML编辑控制是一种让IE具有WYSIWYG HTML编辑器功能的机制。然而DOM安全模型没有正确 处理通过DHTMLED来使用IFRAME的情况,导致IFRAME的内容可以被重定向到某个web server IFRAME可以被设置为从已知的本地文件读取。下面是一个例子代码: dh.DOM.all.I1.focus;...
MS00-049:Microsoft Office 脚本允许远程保存恶意文件
如果一个Web站点在web页面中嵌入恶意脚本,它调用一个Excel 2000或者PowerPoint文件, 当用户访问这个站点时可能导致一个远程文件可能是恶意的被保存到该用户的硬盘上。 Microsoft Excel 2000 Microsoft PowerPoint 2000 Microsoft PowerPoint 97.0 - Microsoft Windows 98 - Microsoft Windows 95 - Microsoft Windows NT 4.0 - Microsoft Windows NT 2000 微软已经提供了补丁程序: Microsoft Excel...
GoodTech SMTP Server <= 5.14 Denial of Service Exploit
Exploit for unknown platform in category dos / poc ====================================================== GoodTech SMTP Server GoodTechSMTPServerDOS.pl 127.0.0.1 GoodTech SMTP Server for Windows NT/2000/XP version 5.14 Download: http://www.goodtechsys.com/ use IO::Socket; use strict; my$socket =...
Caucho Technology Resin 2.1.12 - Directory Listings Disclosure
Caucho Technology Resin 2.1.12 - Directory Listings Disclosure source: https://www.securityfocus.com/bid/9617/info It has been reported that Resin may be prone to an information disclosure vulnerability that may allow an attacker to disclose directory listings by passing malicious data via a URI...
Netwin Webnews Buffer Overflow Vulnerability (#NISR18022002)
NGSSoftware Insight Security Research Advisory Name: Netwin Webnews.exe Systems Affected: IIS4 & IIS5 on Windows NT/2000 Severity: High Risk Vendor URL: http://www.netwinsite.com Author: Mark Litchfield [email protected] Date: 18th February 2002 Advisory number: NISR18022002 Advisory URL:...
Cartfix Secret Backdoor Patch tool for cart32
@Stake Inc. L0pht Research Labs www.atstake.com www.L0pht.com Security Tool Release Name: Cartfix Secret Backdoor Patch tool Release Date: April 27, 2000 Application: Cart32 Shopping Cart Program Platform: Win32 Severity: An attacker can execute commands on the web server and modify admin passwor...