Intel® Security Vulnerabilities

Microsoft Security Bulletin MS04-002

Microsoft Security Bulletin MS04-002 Print Vulnerability in Exchange Server 2003 Could Lead to Privilege Escalation (832759) Issued: January 13, 2004 Version: 1.0 Summary Who should read this document: System administrators who have servers that are running Microsoft® Outlook® Web Access for...

Landesk Management Suite IRCRBOOT.DLL buffer overflow

Landesk Management Suite IRCRBOOT.DLL buffer overflow ================================================= PROGRAM: Landesk Management Suite HOMEPAGE: http://www.landesk.com VULNERABLE VERSIONS: 8.0 (untested, but highly possible vulnerable) 7.0 and...

Microsoft Windows - ListBoxComboBox Control Local (MS03-045)

Microsoft Windows - ListBoxComboBox Control Local...

Microsoft Windows - ListBox/ComboBox Control Local (MS03-045)

...

Microsoft Security Bulletin MS03-051

Microsoft Security Bulletin MS03-051 Print Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360) Issued: November 11, 2003 Version: 1.0 Summary Who should read this document: Customers using Microsoft® FrontPage Server Extensions ® Impact of vulnerability:...

Microsoft Security Bulletin MS03-048

Microsoft Security Bulletin MS03-048 Print Cumulative Security Update for Internet Explorer (824145) Issued: November 11, 2003 Version: 1.0 Summary Who Should Read This Document: Customers who have Microsoft® Internet Explorer® installed Impact of Vulnerability: Remote Code Execution Maximum...

Microsoft Security Bulletin MS03-049

Microsoft Security Bulletin MS03-049 Print Buffer Overrun in the Workstation Service Could Allow Code Execution (828749) Issued: November 11, 2003 Version Number: 1.0 See all Windows bulletins released November, 2003 Summary Who Should Read This Document: Customers using Microsoft® Windows® ...

Microsoft Security Bulletin MS03-050

Microsoft Security Bulletin MS03-050 Print Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run (831527) Issued: November 11, 2003 Version: 1.0 See all Office bulletins released November, 2003 Summary Who should read this document: Customers who are using...

IA WebMail Server 3.x Buffer Overflow Vulnerability

IA WebMail Server 3.x Buffer Overflow Vulnerability Credit: Author : Peter Winter-Smith Software: Package : IA WebMail Server Versions : All up to and including 3.1 Vendor : True North Software Vendor Url : http://www.tnsoft.com Vulnerability: Bug Type : Stack-based Buffer Overflow...

[Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting

EXPL-A-2003-026 exploitlabs.com Advisory 026 - -= Caucho Resin =- Donnie Werner Oct 18, 2003 Vunerability(s): XSS note: this is not http://www.securiteam.com/securitynews/5KP0O1F7FM.html http://www.securitytracker.com/alerts/2002/Jun/1004552.html Product: Caucho...

Microsoft Security Bulletin MS03-04

Microsoft Security Bulletin MS03-044 Buffer Overrun in Windows Help and Support Center Could Lead to System Compromise (825119) Issued: October 15, 2003 Version Number: 1.0 Summary Who Should Read This Document: Customers using Microsoft® Windows® Impact of Vulnerability: Remote Code...

Microsoft Security Bulletin MS03-046

Microsoft Security Bulletin MS03-046 Print Vulnerability in Exchange Server Could Allow Arbitrary Code Execution (829436) Issued: October 15, 2003 Version Number: Version Number: 1.0 Summary Who Should Read This Document: System administrators who have servers running Microsoft® Exchange...

Microsoft Security Bulletin MS03-041

Microsoft Security Bulletin MS03-041 Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182) Issued: October 15, 2003 Version Number: 1.0 Summary Who Should Read This Document: Customers using Microsoft® Windows® Impact of Vulnerability: Remote Code Execution...

Microsoft Security Bulletin MS03-043

Microsoft Security Bulletin MS03-043 Buffer Overrun in Messenger Service Could Allow Code Execution (828035) Issued: October 15, 2003 Version Number: 1.0 Summary Who Should Read This Document: Customers using Microsoft® Windows® Impact of Vulnerability: Remote Code Execution Maximum Severity...

Microsoft Security Bulletin MS03-047

Microsoft Security Bulletin MS03-047 Print Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489) Issued: October 15, 2003 Version Number: 1.0 Summary Who Should Read This Document: System administrators who have servers running Microsoft®...

Microsoft Security Bulletin MS03-045

Microsoft Security Bulletin MS03-045 Buffer Overrun in the ListBox and in the ComboBox Control Could Allow Code Execution (824141) Issued: October 15, 2003 Version Number: 1.0 Summary Who Should Read This Document: Customers using Microsoft® Windows® Impact of Vulnerability: Local Elevation of...

Microsoft Security Bulletin MS03-042

Microsoft Security Bulletin MS03-042 Buffer Overflow in Windows Troubleshooter ActiveX Control Could Allow Code Execution (826232) Issued: October 15, 2003 Version Number: 1.0 Summary Who Should Read This Document: Customers using Microsoft® Windows® Impact of Vulnerability: Remote Code...

Microsoft Windows - DCOM RPC2 Universal Shellcode

MS Windows (DCOM RPC2) Universal Shellcode. Shellcode exploit for win32...

Microsoft Windows - 'RPC2' Universal / Denial of Service (RPC3) (MS03-039)

...

Microsoft Windows - RPC2 Universal Denial of Service (RPC3) (MS03-039)

Microsoft Windows - RPC2 Universal Denial of Service (RPC3)...

MS Windows (RPC2) Universal Exploit & DoS (RPC3) (MS03-039)

漏洞描述： Remote Procedure Call (RPC)是Windows操作系统使用的一种远程过程调用协议，RPC提供进程间交互通信机制，允许在某台计算机上运行程序无缝的在远程系统上执行代码。协议本身源自OSF RPC协议，但增加了Microsoft特定的扩展。MS RPC在处理畸形消息时存在问题，远程攻击者可以利用这个漏洞进行拒绝服务攻击，在RPC服务崩溃后，可用来权限提升攻击。 攻击者发送畸形消息给DCOM __RemoteGetClassObject接口，RPC服务就会崩溃，所有依靠RPC服务的应用程序和服务就会变的不正常。...

Novell GroupWise Internet Agent 6.5.1

Novacoast Security Advisory Novell GroupWise 6.5 Vulnerability Synopsis: Novacoast has discovered a vulnerability in the Novell GroupWise 6.5 Wireless Webaccess logging functionality. The software exposes all username and passwords within the log file in clear text. This information could be used.....

SRT2003-07-07-0833.txt

...

SRT2003-07-07-0831.txt

...

Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet Revision 1.0 For Public Release 2003 July 17 at 0:00 UTC (GMT) Please provide your feedback on this document. Contents Summary Affected Products Details Impact Software Versions and...

SRT2003-07-07-0913.txt

...

[Full-Disclosure] SRT2003-07-08-1223 - IBM U2 UniVerse uvadm can take root via buffer overflows

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection...

[Full-Disclosure] SRT2003-07-07-0913 - Abnormal suid behavior in several applications

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection...

[Full-Disclosure] SRT2003-07-07-0833 - IBM U2 UniVerse users with uvadm rights can take root via uvadmsh

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection...

[Full-Disclosure] SRT2003-07-07-0831 - IBM U2 UniVerse cci_dir creates hard links as root

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection...

bosen-adv.7.txt

...

Another ProductCart SQL Injection Vulnerability

ProductCart SQL Injection Vulnerability 1ndonesian Security Team (1st) http://bosen.net/releases/ =============================================================================== Security Advisory Advisory Name: ProductCart SQL Injection Vulnerability Release Date: 06/20/2003 ...

Microsoft Windows Media Services - Remote (MS03-022)

Microsoft Windows Media Services - Remote...

Microsoft Windows Media Services - Remote (MS03-022)

...

Microsoft Windows NT 4.02000 - Media Services nsiislog.dll Remote Buffer Overflow

Microsoft Windows NT 4.02000 - Media Services nsiislog.dll Remote Buffer...

Microsoft Windows NT 4.0/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow

...

Sphera Hosting Director Control Panel Multiple Vulnerabilities: XSS-Session Hijacking-DoS/Buffer Overflow-Another User Accounts access

Product: SPHERA HostingDirector and Final User (VDS) Control Panel ( Hosting Control Panel ) Vendor: SPHERA Versions: VULNERABLE - 3.x - 2.x - 1.x NOT VULNERABLE - ? Description: HostingDirector comprises three fundamental components that are integrated to...

Internet Explorer Object Type Property Overflow

Internet Explorer Object Type Property Overflow Release Date: June 4, 2003 Severity: High (Remote Code Execution) Systems Affected: Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 6.0 for Windows Server 2003 Description:.....

RealSystem Proxy contains buffer overflow

Overview A buffer overflow vulnerability exists in the RealSystem Proxy. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable host. An exploit exists for this vulnerability and is publicly available. Description RealSystem Proxy is a streaming media proxy-cache.....

[VulnWatch] Efficient Networks 5861 DSL Router

Product: Efficient Networks 5861 DSL Router http://www.efficient.com/ebz/5800.html Tested version: 5.3.80 (Latest firmware) Advisory date: 10/01/2003 Severity: Moderate Background "Efficient Networks® Business Class IDSL, ADSL, or SDSL Routers...

Macromedia Shockwave Flash Malformed Header Overflow #2

Macromedia Shockwave Flash Malformed Header Overflow #2 Release Date: December 16, 2002 Severity: High (Remote Code Execution) Systems Affected: Macromedia Flash Player versions less than 6.0.65.0 Description: While working on some pre-release Retina® CHAM tools, multiple exploitable conditions...

PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability

PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability Release Date: December 11, 2002 Severity: High (Code Execution) Systems Affected: We have specifically tested the following software and verified the potential for exploitation: Microsoft Internet Explorer 5.01 Microsoft...

Microsoft Security Bulletin MS02-071

Microsoft Security Bulletin MS02-071 Print Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310) Originally posted: December 11, 2002 Summary Who should read this bulletin: Customers using Microsoft® Windows® NT 4.0, Windows 2000, and Windows XP. Impact of...

Cisco Security Advisory: OSM Line Card Header Corruption Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: OSM Line Card Header Corruption Vulnerability Revision 1.0 FINAL For Public Release 2002 December 11 16:00 UTC Contents Summary Affected Products Details Impact Software Versions and Fixes Obtaining Fixed Software Workarounds ...

iDEFENSE Security Advisory 11.19.02a: Denial of Service Vulnerability in Linksys Cable/DSL Routers

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 11.19.02a: http://www.idefense.com/advisory/11.19.02a.txt Denial of Service Vulnerability in Linksys Cable/DSL Routers November 19, 2002 I. BACKGROUND Linksys Group Inc. currently sells several broadband router products,...

NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability

NSSI Technologies Inc Research Labs Security Advisory http://www.nssolution.com (Philippines / .ph) "Maximum e-security" http://nssilabs.nssolution.com ZoneAlarm Pro 3.1 and 3.0 Denial of Service Vulnerability Author: Abraham Lincoln Hao / SunNinja e-Mail: [email protected] /...

CSS on Microsoft Content Management Server

Hi, while doing a pen-test I found what seems a Cross Site Scriptting on Microsoft Content Management Server. On M$ words: "Microsoft® Content Management Server 2001 (MSCMS) is an enterprise Web content management system that enables companies to build, deploy, and maintain Internet,...

Microsoft Internet Explorer Legacy Text Control Buffer Overflow (#NISR26082002)

NGSSoftware Insight Security Research Advisory Name: Microsoft Internet Explorer BufferOverrun Systems Affected: All versions IE Severity: Critical Category: Indirect Remote Buffer Overrun Vendor URL: http://www.mircosoft.com Author: Mark Litchfield ([email protected]) Date: 26th...

iPlanet vulnerabilities on IRIX

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: iPlanet vulnerabilities Number: 20020803-01-P Date: August 1, 2002 Reference: CERT® Vulnerability Note #276767 Reference: CAN-2001-0327 --- Issue Specifics --- ...

rpc.pcnfsd vulnerabilities on IRIX

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: rpc.pcnfsd vulnerabilities Number: 20020802-01-I Date: August 1, 2002 Reference: CERT® Advisory CA-1996-08 Reference: CAN-1999-0078 --- Issue Specifics --- It's been...