2865 matches found
Microsoft Windows Workstation服务NetpManageIPCConnect远程栈溢出漏洞(MS06-070)
Microsoft Windows是微软发布的非常流行的操作系统。 Windows的Workstation服务组件中存在栈溢出漏洞,远程攻击者可能利用此漏洞在服务器上执行任意指令。 在Workstation服务名为wkssvc.dll的模块中,NetpManageIPCConnect函数以未经检查的缓冲区数据调用了swprintf,而输入缓冲区是远程攻击者可控的。 .text:76781D67 mov edi, ebp+arg0 ... .text:76781D90 lea eax, ebp+var2CC ... .text:76781DA0 push edi .text:76781DA...
Microsoft Workstation Service fails to properly parse malformed network messages
Overview A vulnerability in the way Microsoft Workstation Service parses malformed network messages may lead to execution of arbitrary code. Description Microsoft Workstation Service contains a vulnerability that could be exploited when Workstation Service attempts to parse specially crafted...
Immunity Canvas: MS06_070
Name| ms06070 ---|--- CVE| CVE-2006-4691 Exploit Pack| CANVAS Description| Microsoft Workstation Service Overflow Notes| CVE Name: CVE-2006-4691 VENDOR: Microsoft Notes: This exploit actually needs a domain reachable from the attacked machine Platforms Tested: MSADV: MS06-070 References:...
CVE-2006-4691
Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service wkssvc.dll in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname...
CVE-2006-4691
CVE-2006-4691 is a stack-based buffer overflow in the NetpManageIPCConnect function of wkssvc.dll (Workstation service) on Microsoft Windows 2000 SP4 and Windows XP SP2. The vulnerability is triggered by long NetrJoinDomain2 RPC hostname parameters over the network, allowing remote code execution...
Microsoft Windows Workstation Service NetpManageIPCConnect Remote Code Execution Vulnerability
Description Microsoft Windows Workstation service is prone to a remote code-execution vulnerability. Exploiting this issue allows remote, anonymous attackers to execute arbitrary machine code on affected computers with SYSTEM-level privileges. This facilitates the complete compromise of affected...
MS06-070: Vulnerability in Workstation Service Could Allow Remote Code Execution (924270)
The remote host is vulnerable to a buffer overrun in the 'workstation' service that could allow an attacker to execute arbitrary code on the remote host with the 'System' privileges. Tenable Network Security, Inc. include"compat.inc"; if description scriptid23646; scriptversion"1.32";...
Microsoft Windows SMB驱动本地拒绝服务漏洞(MS06-030)
Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft客户端缓存(CSCDLL.DLL)和Microsoft服务器消息块重新定向器驱动(MRXSMB.SYS)代码中存在漏洞,本地攻击者可能利用此漏洞在机器上创建无法中止的进程。...
SYMSA-2006-008:Password Safe - Lock Password Database Configuration Not Enforced
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID: SYMSA-2006-008 Advisory Title: Password Safe - Lock Password Database Configuration Not Enforced Author: J.R. Wikes Release Date: 07-24-2006 Application:...
[Full-disclosure] Cisco Security Advisory: Cisco Optical Networking System 15000 series and Cisco Transport Controller Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory ======================= Cisco Optical Networking System 15000 series and Cisco Transport Controller Vulnerabilities =========================================================================== Advisory ID:...
VMware vmnat.exe/vmnet-natd Multiple FTP Command Remote Overflow
According to its version number, the VMware program on the remote host may allow an attacker to execute code on the system hosting the VMware instance. The vulnerability can be exploited by sending specially crafted FTP PORT and EPRT requests. To be exploitable, the VMware system must be configur...
GLSA-200601-04 : VMware Workstation: Vulnerability in NAT networking
The remote host is affected by the vulnerability described in GLSA-200601-04 VMware Workstation: Vulnerability in NAT networking Tim Shelton discovered that vmnet-natd, the host module providing NAT-style networking for VMware guest operating systems, is unable to process incorrect 'EPRT' and...
VMware Workstation: Vulnerability in NAT networking
Background VMware Workstation is a powerful virtual machine for developers and system administrators. Description Tim Shelton discovered that vmnet-natd, the host module providing NAT-style networking for VMware guest operating systems, is unable to process incorrect 'EPRT' and 'PORT' FTP request...
VMware vulnerability in NAT networking
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VULNERABILITY SUMMARY A vulnerability has been discovered in vmnat.exe on Windows hosts and vmnet-natd on Linux systems. The vulnerability makes it possible for a malicious guest using a NAT networking configuration to execute unwanted code on the hos...
CVE-2005-4459
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted 1 EPRT and 2 PORT FTP commands...
CVE-2005-4459
The CVE-2005-4459 issue is a heap-based buffer overflow in VMware’s NAT service components vmnat.exe and vmnet-natd across several products (Workstation 5.5, GSX Server 3.2, ACE 1.0.1, Player 1.0). The flaw is triggered by malformed FTP PORT and EPRT commands processed by the NAT service, allowin...
[VulnWatch] [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 <= build-18007 G SX Server Variants And Others
-=+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++=- ACS Security Assessment Advisory - Remote Heap Overflow ID: ACSSEC-2005-11-25 - 0x1 Class: Remote Heap Overflow Package: VMWare Workstation 5.5.0 = build-18007 VMWare GSX Server Variants VMWare Ace Variants VMWare Player Variants...
CVE-2005-2939
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder...
CVE-2005-2939
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder...
Tests for Nimda Worm infected HTML files
Your server appears to have been compromised by the Nimda mass mailing worm. It uses various known IIS vulnerabilities to compromise the server. SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...