Getting a persistent shell on a 747 IFE

TL:DR The Coronavirus pandemic has hit the airline industry hard. One sad consequence was early retirement of most of the 747 passenger fleet. This does however create opportunities for aviation security research, as airframes are parked up before parting out in breakers yards. This 747 was flyin...

Microsoft Exchange OWA 长用户名拒绝服务漏洞

微软Exchange OWAOutlook Web Access组件存在一个拒绝服务漏洞。当使用很多"%"作 为用户名和口令登录时，OWA会返回HTTP 500 - Internal server error信息。用户将不 能通过IE进行登录。据报告说WWW发布服务和IIS管理服务会停止响应。 Microsoft Exchange Server 5.5 SP4 Microsoft Exchange Server 5.5 SP3 Microsoft Exchange Server 5.5 SP2 Microsoft Exchange Server 5.5 SP1 Microsoft...

WinVNC Web Server GET Overflow

This module exploits a buffer overflow in the AT WinVNC version 'WinVNC Web Server GET Overflow', 'Description' = %q This module exploits a buffer overflow in the AT&T WinVNC version 'aushack', 'License' = MSFLICENSE, 'References' = 'BID', '2306' , 'OSVDB', '6280' , 'CVE', '2001-0168' , ,...

CORE-2006-0714: Microsoft SRV.SYS SMB_COM_TRANSACTION Denial of Service

Core Security Technologies Advisory http://www.coresecurity.com Microsoft SRV.SYS SMBCOMTRANSACTION Denial of Service Date Published: 2006-08-14 Last Update: 2006-08-14 Advisory ID: CORE-2006-0714 Bugtraq ID: 19215 CVE Name: CVE-2006-3942 Title: Microsoft SRV.SYS SMBCOMTRANSACTION Denial of Servi...

IBM Director 3.1 Windows Agent Remote DoS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory by Juanma Merino Remote DoS on IBM Director 3.1 Agent for Windows Reported to esCERT UPC on: May 2003 no response Vendor contacted on: March 1, 2004 no response Vendor: IBM www.ibm.com Systems Affected: IBM Director 3.1 Agent for...

CVE-2002-1140

The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service service hang via malformed packet fragments, aka "Improper parameter size check leading to denial of service."...

Advisory CA-2002-14 Buffer overflow in Macromedia JRun

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-14 Buffer overflow in Macromedia JRun Original release date: May 29, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Windows NT4 or Windows 2000 running IIS versions 4...

Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow

Windows 2000 and NT4 IIS .ASP Remote Buffer Overflow Release Date: 00/00/2002 Severity: High Remote code execution IWAMMACHINE Privilege Level Systems Affected: Microsoft Windows NT 4.0 Internet Information Services 4.0 Microsoft Windows 2000 Internet Information Services 5.0 Description: A...

[eyeonsecurity.net] Incredimail allows automatic over writing offiles on your hard disk

Advisory Title: Incredimail allows automatic over writing of files on your hard disk Release Date: 05/08/2001 Application: Incredimail Platform: Windows NT4 Windows 2000 Windows 9x/me Build: 1400185 .. possibly earlier builds as well Severity: Malicious users can easily over write system files...

Various security vulnerabilities with LPC ports

BindView Security Advisory -------- Various security vulnerabilities with LPC ports Issue Date: October 3, 2000 Contact: Todd Sabin [email protected] Topic: LPC ports Overview: There are various flaws in the implementation of LPC ports. Affected Systems: Windows NT4 up to and including SP...

bindview.lpc.txt

BindView Security Advisory -------- Various security vulnerabilities with LPC ports Issue Date: October 3, 2000 Contact: Todd Sabin Topic: LPC ports Overview: There are various flaws in the implementation of LPC ports. Affected Systems: Windows NT4 up to and including SP6a Window 2000 up to and...

Extent RBS directory Transversal.

Advisory Title: Extent RBS directory Transversal. Release Date: 09/21/2000 Application: Extent RBS Platform: Windows NT4 Windows 2000 RedHat Linux 6.x Sun Solaris 2.6+ Version: 2.63. Possibly older versions as well. have also tested 2.5 and found it vulnerable Severity: Any user can get any file ...

: Microsoft SRV.SYS SMB_COM_TRANSACTION Denial of Service

Advisory ID Internal CORE-2006-0714 1. Advisory Information Advisory ID : CORE-2006-0714 Bugtraq ID : 19215 CVE Name : CVE-2006-3942 Title : Microsoft SRV.SYS SMBCOMTRANSACTION Denial of Service Class : Failure to Handle Exceptional Conditions Remotely Exploitable : Yes Locally Exploitable : Yes...