164 matches found
Create VSS processing exclusion for vCenter Database
Article Applicability This article is only relevant to environments still using a Windows-based vCenter vSphere 6.7 and older with the vCenter database hosted on a Microsoft SQL Instance. Per VMware's Blog: Reminder: vSphere 6.5/6.7 End of General Support The End of General Support for vSphere 6....
Microsoft SMB Create Response Remote Code Execution (MS11-043; CVE-2011-1268)
SMB Protocol is the file sharing protocol used by default on Windows-based computers. An unauthenticated remote code execution vulnerability exists in the way that the Microsoft Server Message Block SMB client implementation handles specially crafted SMB responses. The vulnerability is due to a...
MinaliC WebServer 1.0 - Remote Source Disclosure / File Download
MinaliC Webserver 1.0 Remote Source Disclosure/File Download Found By: DrIDE Date: October 27, 2010 Download: http://sourceforge.net/projects/minalic/ Tested on: Windows 7 Greets: edb team & John Leitch for finding the app - Description - MinialiC Webserver v1.0 is a Windows based HTTP server. Th...
VMware Remote Console HOST and MOID Format String Code Execution (CVE-2009-3732)
VMware software provides a virtualization technology that allows running multiple instances of x86 and x86-64 virtual computers simultaneously within the hosting operating system. VMware Remote Console provides a mechanism for users and administrators to remotely view and interact with the...
MiniWebsvr 0.0.10 - Directory Traversal Listing
MiniWebsvr 0.0.10 - Directory Traversal Listing miniwebsvr v0.0.10 Directory Traversal/Listing Exploits Found By: DrIDE Date: May 12, 2010 Download: http://sourceforge.net/projects/miniwebsvr/ Tested on: Windows 7 - Description - miniwebsvr v0.0.10 is a Windows based HTTP server. This is the late...
zervit Web Server v0.4 Source Disclosure / Download
Exploit for windows platform in category remote exploits =================================================== zervit Web Server v0.4 Source Disclosure / Download =================================================== zervit Web Server v0.4 Source Disclosure/Download Found By: DrIDE Date: May 12, 2010...
Alt-N MDaemon 11.0.1邮件列表订阅目录遍历漏洞
Alt-N MDaemon是一款基于Windows的邮件服务程序,WorldClient是其客户端。 MDaemon支持邮件列表功能。在配置邮件列表时,MDaemon会将邮件列表的配置存储在MDaemonDir(通常为 C:\MDaemon)\App目录下扩展名为grp的文件中,邮件列表组文件大致为: ---snip--- Mailing List file ; ListName = [email protected] ; Private = N ; HideFromAddressBook = N ; AllowExpn = Y ; ListNameInSubject = Y...
Opera 10.51 Closes HTTP Header Holes
Opera has announced the release of version 10.51 of its web browser for Windows-based systems, closing two “highly severe” security holes. The security and stability update addresses a previously reported vulnerability caused by an incorrectly set value in HTTP headers. Read the full article. The...
MDaemon SMTP and IMAP Command Buffer Overflow (CVE-2004-1546)
MDaemon is a Windows-based email server that provides full mail server functionality. MDaemon supports the SMTP, IMAP and POP3 protocols. A vulnerability exists in the way the MDaemon mail server processes certain SMTP and IMAP commands. A stack buffer overflow occurs when an overly long argument...
Microsoft Windows LoadImage API Function Integer Overflow (CVE-2004-1049)
In terms of Microsoft Windows technology, a resource is binary data that can be added to the executable file of a Windows-based application. Graphical images such as icons, cursors and bitmaps are example of standard resources. Windows-based applications support loading and rendering of graphical...
httpdx 1.4.6b - Source Disclosure
httpdx = 1.4.6b Remote Source Disclosure Found By: DrIDE Tested On: Windows XPSP3 Download: httpdx.sourceforge.net/downloads/ - Description - httpdx Web Server = 1.4.6b is a Windows based HTTP server. This is the latest version of the application available. httpdx is vulnerable to remote arbitrar...
Trend Micro ServerProtect TMregChange Stack Overflow (CVE-2007-4731)
Trend Micro ServerProtect offers anti-virus scanning for servers, detecting and removing viruses from files and compressed files. The product provides centralized control over a Windows-based management console for control of virus outbreaks, virus scanning, virus pattern file updates,...
Microsoft CryptoAPI Object Identifiers Integer Overflow (MS09-056; CVE-2009-2511)
The CryptoAPI provide services that enable application developers to add encryption/decryption of data, authentication using digital certificates, and encoding to and decoding from Abstract Syntax Notation One ASN.1 to their Windows-based applications. A spoofing vulnerability has been reported i...
Kolibri+ Web Server 2 - Arbitrary Source Code Disclosure (2)
Kolibri+ Web Server 2 - Arbitrary Source Code Disclosure 2 Kolibri+ Web Server 2 Remote Arbitrary Source Code Disclosure aka: More fun with Kolibri+ 2 webserver Found By: DrIDE Tested On: Windows XPSP3 - Description - Kolibri+ 2 Web Server is a Windows based HTTP server. This is the latest versio...
VMSA-2009-0007 : VMware Hosted products and ESX and ESXi patches resolve security issues
a. VMware Descheduled Time Accounting driver vulnerability may cause a denial of service in Windows based virtual machines. The VMware Descheduled Time Accounting Service is an optional, experimental service that provides improved guest operating system accounting. This patch fixes a denial of...
Apache Module mod_rewrite LDAP Protocol Buffer Overflow
This module exploits the modrewrite LDAP protocol scheme handling flaw discovered by Mark Dowd, which produces an off-by-one overflow. Apache versions 1.3.29-36, 2.0.47-58, and 2.2.1-2 are vulnerable. This module requires REWRITEPATH to be set accurately. In addition, the target must have...
Microsoft Visual Basic Kill Bits
Visual Basic is an event-driven programming language that was created by Microsoft for building stand alone Windows-based programs. Developers can use it for quickly building GUI applications. Several remote code execution vulnerabilities have been reported in Microsoft Visual Basic. To trigger...
Microsoft Money 'prtstb06.dll' Denial of Service vulnerability
This host has Microsoft Money installed and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbmsmoneydosvuln.nasl 8209 2017-12-21 08:12:18Z cfischer $ Microsoft Money 'prtstb06.dll' Denial of Service Vulnerability Authors: Sujit Ghosal Copyright: Copyright c 2009...
Microsoft Money 'prtstb06.dll' Denial of Service vulnerability
Microsoft Money is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:microsoft:money";...
MDaemon Server WorldClient脚本注入漏洞
BUGTRAQ ID: 32355 Alt-N MDaemon是一款基于Windows的邮件服务程序,WorldClient是其客户端。 MDaemon的WorldClient客户端没有正确地过滤邮件中的某些HTML标签,如果远程攻击者在邮件中注入了恶意HTML和脚本代码的话,则用户在查看邮件的时候就会在浏览器会话中执行注入的内容。 Alt-N MDaemon 10.0.1 Alt-N ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.altn.com...