
Files

ms02-055
Posted Oct 4, 2002
Site microsoft.com

Microsoft Security Advisory MS02-055 - A remotely exploitable buffer overflow in the HTML Help facility in Windows allows remote code execution via web page or HTML email on all versions of Windows.

tags | remote, web, overflow, code execution
systems | windows
SHA-256 | 40085ad491b3bf7c5e066a96491cdee2d23461e4cae9eca0322bf8b25086bcb8
ms02-054
Posted Oct 4, 2002
Site microsoft.com

Microsoft Security Advisory MS02-054 - On Windows 98 with Plus! Pack, Windows Me and Windows XP, the Compressed Folders feature has an unchecked buffer in the program that handles the decompressing of files from a zipped file, allowing code of the attacker's choice to run.

systems | windows
SHA-256 | 0073160f2cd0980100428ae4c75321cad44b866e6c57d5aca764031e6e60a48a
ms02-053
Posted Sep 26, 2002
Site microsoft.com

Microsoft Security Advisory MS02-053 - Serious vulnerabilities have been discovered in Microsoft FrontPage Server Extensions 2000 and 2002 in the SmartHTML Interpreter (shtml.dll). On FrontPage Server Extensions 2002 the flaw allows a remote attacker to run code of his choice; on FrontPage Server Extensions 2000 the attacker can consume most or all available CPU until the service is restarted.

tags | remote, vulnerability
SHA-256 | e336209cb8e7287fcc28062f2faba13182a7f5785256bb71bd5aa1e1aeb6918f
ms02-052
Posted Sep 20, 2002
Site microsoft.com

Microsoft Security Advisory MS02-052 - Three serious security vulnerabilities have been found in Microsoft VM which allow attackers to create web pages which cause remote code execution. The vulnerabilities can be exploited via Outlook unless the Email Security Update is installed.

tags | remote, web, vulnerability, code execution
SHA-256 | 5e58cc4e3bfe7b10c12d51e443206ba7577f8f3bfa1cbdeea6bbf9551b0bcb0f
ms02-051
Posted Sep 20, 2002
Site microsoft.com

Microsoft Security Advisory MS02-051 - A cryptographic flaw in the RDP protocol allows attackers who can sniff terminal sessions to recover the session traffic. Another vulnerability allows remote attackers who cannot authenticate to deny service.

tags | remote, protocol
SHA-256 | 041acd9968b4d3e825371d30c8c1bf5eab2329f913cf49e3e95dd5808f2bcc50
ms02-050
Posted Sep 6, 2002
Site microsoft.com

Microsoft Security Advisory MS02-050 - Microsoft Windows, Microsoft Office for Mac, Microsoft Internet Explorer for Mac, and Microsoft Outlook Express for Mac are vulnerable to certificate identity spoofing because the CryptoAPI does not check the Basic Constraints field.

tags | spoof
systems | windows
SHA-256 | 5a7729e51ebec0efb6b48ada409971e53911b361fad8035cca735a906d62b3b7
ms02-049
Posted Sep 5, 2002
Site microsoft.com

Microsoft Security Advisory MS02-049 - Users who have installed Visual FoxPro 6.0 are vulnerable to a remote command execution vulnerability through IE web browsing or HTML email messages.

tags | remote, web
SHA-256 | 6b67c9f54b77e52f8fbcc000c1311cd097f7f6c82e7190ed8224098f6139389e
ms02-041
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-041 - Unchecked Buffer in Content Management Server Could Enable Server Compromise. Three security vulnerabilities: A buffer overrun in a low-level function that performs user authentication, a vulnerability resulting from the confluence of two flaws affecting a function that allows files to be uploaded to the server, and a SQL injection vulnerability affecting a function that services requests for image files and other resources.

tags | overflow, vulnerability, sql injection
SHA-256 | 6e540b40befc61c59dcfc09856719d609a1bd1b820d42e2c173b0ddf3fac1347
ms02-040
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-040 - Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise. A security vulnerability results because the MDAC functions underlying OpenRowSet contain an unchecked buffer. An attacker who submitted a database query containing a specially malformed parameter within a call to OpenRowSet could overrun the buffer, either for the purpose of causing the SQL Server to fail or causing the SQL Server service to take actions dictated by the attacker.

tags | overflow
SHA-256 | 724bb1c4ef4bbe76d9247ef77b88d897827ff562f654d1c31e51b61531d54093
ms02-039
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-039 - Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution. Sending a carefully crafted packet to the Resolution Service, an attacker could cause portions of system memory (the heap in one case, the stack in the other) to be overwritten. Overwriting it with random data would likely result in the failure of the SQL Server service. Overwriting it with carefully selected data could allow the attacker to run code in the security context of the SQL Server service.

tags | overflow, code execution
SHA-256 | c02fb5e27f8774fa22735471626ebbcec3ae67117a3d248a9a3f34fe3d6b41b2
ms02-038
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-038 - Unchecked Buffer in SQL Server 2000 Utilities Could Allow Code Execution. This advisory documents SQL injection vulnerabilities and buffer overruns in SQL Server 2000 and MSDE 2000.

tags | overflow, vulnerability, code execution, sql injection
SHA-256 | 5086f40b83fa85c238c3816a27a87b1a91792c74ea2e7e3c3ff5de0bd8458d80
ms02-037
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-037 - Server Response To SMTP Client EHLO Command Results In Buffer Overrun. A security vulnerability results because of an unchecked buffer in the IMC code that generates the response to the EHLO protocol command. If the total length of the message exceeds a particular value, the data would overrun the buffer. If the buffer were overrun with random data, it would result in the failure of the IMC. If, however, the buffer were overrun with carefully chosen data, it could be possible for the attacker to run code in the security context of the IMC, which runs as Exchange 5.5 Service Account.

tags | overflow, protocol
SHA-256 | 6fcee21872b7f42847d8fbc6a5c19017b300f98f4b2d58cf3bb9a8e51b28d654
ms02-036
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-036 - Authentication Flaw in Microsoft Metadirectory Services Could Allow Privilege Elevation. A flaw exists that could enable an unprivileged user to access and manipulate data within Microsoft Metadirectory Services (MMS) that should, by design, only be accessible to MMS administrators. Specifically, it is possible for an unprivileged user to connect to the MMS data repository via an LDAP client in such a way as to bypass certain security checks. This could enable an attacker to modify data within the MMS data repository, either for the purpose of changing the MMS configuration or replicating bogus data to the other data repositories.

SHA-256 | b1d7451fe6e869edc7b74e470bb51d0435d64cf4b2b2f1ce168b2eea1cb3790c
ms02-035
Posted Aug 30, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-035 - SQL Server Installation Process May Leave Passwords on System. A security vulnerability results because of two factors: The files remain on the server after the installation is complete. Except for the setup.iss file created by SQL Server 2000, the files are in directories that can be accessed by anyone who can interactively log on to the system. The password information stored in the files is either in clear text (for SQL Server 7.0 prior to Service Pack 4) or encrypted using fairly weak protection. An attacker who recovered the files could subject them to a password cracking attack to learn the passwords, potentially compromising the sa password and/or a domain account password.

SHA-256 | 9f9beb2a328bbc2c0a237bce8101c3044e0ed4db04422219c2b498b9e29b18b5
ms02-034
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-034 - Cumulative Patch for SQL Server available. This patch eliminates three newly found vulnerabilities affecting SQL Server 2000 and MSDE 2000: A buffer overrun vulnerability in a procedure used to encrypt SQL Server credential information. An attacker who was able to successfully exploit this vulnerability could gain significant control over the database and possibly the server itself depending on the account SQL Server runs as. A buffer overrun vulnerability in a procedure that relates to the bulk inserting of data in SQL Server tables. An attacker who was able to successfully exploit this vulnerability could gain significant control over the database and possibly the server itself. A privilege elevation vulnerability that results because of incorrect permissions on the Registry key that stores the SQL Server service account information. An attacker who was able to successfully exploit this vulnerability could gain greater privileges on the system than had been granted by the system administrator -- potentially even the same rights as the operating system.

tags | overflow, registry, vulnerability
SHA-256 | 6f6531c6b91284feb309e4db2c188f2ca99bcdad24d52e72a0bcc22cc91660e6
ms02-033
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-033 - Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce Server. Four vulnerabilities exist: A vulnerability that results because the Profile Service contains an unchecked buffer in a section of code that handles certain types of API calls. The Profile Service can be used to enable users to manage their own profile information and to research the status of their order. An attacker who provided specially malformed data to certain calls exposed by the Profile Service could cause the Commerce Server process to fail, or could run code in the LocalSystem security context. This vulnerability only affects Commerce Server 2000. A buffer overrun vulnerability in the Office Web Components (OWC) package installer used by Commerce Server. An attacker who provided specially malformed data as input to the OWC package installer could cause the process to fail, or could run code in the LocalSystem security context. This vulnerability only affects Commerce Server 2000. A vulnerability in the Office Web Components (OWC) package installer used by Commerce Server. An attacker who invoked the OWC package installer in a particular manner could cause commands to be run on the Commerce Server according to the privileges associated with the attacker's log on credentials. This vulnerability only affects Commerce Server 2000. A new variant of the ISAPI Filter vulnerability discussed in Microsoft Security Bulletin MS02-010. This variant affects both Commerce Server 2000 and Commerce Server 2002.

tags | web, overflow, code execution
SHA-256 | 96d13da1a198a112865b89ca08e207b35426732fbdf38072cb67eb9b7c39bd01
ms02-032
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-032 - Cumulative Patch for Windows Media Player. Patch released that fixes the following three vulnerabilities: An information disclosure vulnerability that could provide the means to enable an attacker to run code on the user's system and is rated as critical severity. A privilege elevation vulnerability that could enable an attacker who can physically log on locally to a Windows 2000 machine and run a program to obtain the same rights as the operating system. A script execution vulnerability that could run a script of an attacker's choice as if the user had chosen to run it after playing a specially formed media file and then viewing a specially constructed web page. This particular vulnerability has specific timing requirements that make attempts to exploit the vulnerability difficult and is rated as low severity.

tags | web, vulnerability, info disclosure
systems | windows
SHA-256 | 39638826819b7b607de3219c2a2a4938c1e8dd5a91b222b99f8f87cfc62cec4b
ms02-031
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-031 - Cumulative Patches for Excel and Word for Windows. New patches have been released that fix four vulnerabilities: An Excel macro execution vulnerability that relates to how inline macros that are associated with objects are handled. This vulnerability could enable macros to execute and bypass the Macro Security Model when the user clicked on an object in a workbook. An Excel macro execution vulnerability that relates to how macros are handled in workbooks when those workbooks are opened via a hyperlink on a drawing shape. It is possible for macros in a workbook so invoked to run automatically. An HTML script execution vulnerability that can occur when an Excel workbook with an XSL Stylesheet that contains HTML scripting is opened. The script within the XSL stylesheet could be run in the local computer zone. A new variant of the "Word Mail Merge" vulnerability first addressed in MS00-071. This new variant could enable an attacker's macro code to run automatically if the user had Microsoft Access present on the system and chose to open a mail merge document that had been saved in HTML format.

tags | local, vulnerability
systems | windows
SHA-256 | 8963928d16edb4a982c3a492feb911511fb69728475dedb9893ad48e4a25af6f
ms02-030
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-030 - Unchecked Buffer in SQLXML Could Lead to Code Execution. There are two vulnerabilities that exist in MSSQLXML, which ships as part of SQL Server 2000. One is an unchecked buffer vulnerability in an ISAPI extension that could allow an attacker to run code of their choice on the Microsoft Internet Information Services (IIS) Server. There is another that is in a function specifying an XML tag that could allow an attacker to run script on the user's computer with higher privilege. For example, a script might be able to be run in the Intranet Zone instead of the Internet Zone.

tags | vulnerability, code execution
SHA-256 | 2a8847567dc7da7e1d3a81f07df13ef81887cdfc660d0b9b1234378fcd74b3bd
ms02-029
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-029 - Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution. A flaw exists in the RAS phonebook implementation: a phonebook value is not properly checked, and is susceptible to a buffer overrun. The overrun could be exploited for either of two purposes: causing a system failure, or running code on the system with LocalSystem privileges. If an attacker were able to log onto an affected server and modify a phonebook entry using specially malformed data, then made a connection using the modified phonebook entry, the specially malformed data could be run as code by the system.

tags | remote, overflow, code execution
SHA-256 | a26971b2daeda8478163409faa9a87202f60946cc23dfe234f384666389736ae
ms02-028
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-028 - Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise. Vulnerability allows attacker to execute arbitrary code on the system.

tags | web, overflow, arbitrary
SHA-256 | 04f30acb371ed80bb96e9721e7666a3a6716e0e6d5f43be0473c571f4b731489
ms02-027
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Bulletin MS02-027 - Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice.

tags | protocol
SHA-256 | 8beadf73156ab5e7067fe4cb488a1655a9bbaa1e3e636f4bd1054f9263da1a67
ms02-026
Posted Aug 29, 2002
Site microsoft.com

Microsoft Security Advisory MS02-026 - Microsoft .NET Framework version 1.0's ASP.NET, a collection of technologies that helps developers build web-based applications, has an unchecked buffer in one of the routines that handles the processing of cookies in StateServer mode. An attacker could seek to exploit this vulnerability by crafting a specially malformed cookie and presenting that cookie to the ASP.NET application.

tags | web, asp
SHA-256 | 3b7b68e5df9a5eed6f74e6c5fa0189b3477750defb66bf0be1771ffef2b69371
ms02-025
Posted May 30, 2002

Microsoft Security Advisory MS02-025 - A malformed mail can cause Exchange 2000 to eat up all CPU resources. Microsoft patch available here.

SHA-256 | 546c090a70c00b2036913bb05ad745d06cf703b3e5b7ec0473f1e49d6b1a0f95
ms02-024
Posted May 23, 2002

Microsoft Security Advisory MS02-024 - A local vulnerability in the Windows debugging facility allows attackers to run code with OS privileges. Microsoft patch available here.

tags | local
systems | windows
SHA-256 | 5547c6f3859b824b8a4213127f9b6b9203a6830d5795fbcd63fbbafbe6313e81
© 2022 Packet Storm. All rights reserved.