
Files

ms01-029
Posted May 25, 2001

Microsoft Security Advisory MS01-029 - Two separate vulnerabilities have been found in Windows Media Player. The first is a buffer overflow in the parsing of Active Stream Redirector (.ASX) files which allows attackers to run arbitrary code on the user's machine. The vulnerability can be exploited via a malicious website. The second vulnerability is a bug in the handling of shortcuts which allows attackers to read any file on the user's system. Microsoft FAQ on this issue available here.

tags | overflow, arbitrary, vulnerability
systems | windows
SHA-256 | de8c057c169b4d064727062240aadae3926e0dd115c8e508d5de6a3574efe7fc
ms01-028
Posted May 23, 2001

Microsoft Security Advisory MS01-028 - Microsoft Word contains a vulnerability in RTF documents linked to templates which allows malicious users to run macros without the user's knowledge or approval. The macro would be able to take any action that the user herself could take. This could include disabling the user's Word security settings so that subsequently-opened Word documents would no longer be checked for macros. Microsoft FAQ on this issue available here.

SHA-256 | 23d0500e57635f970a6cdb057331b5ed4edae2ecd473703ac2900e4611f3eeb0
ms01-027
Posted May 18, 2001

Microsoft Security Advisory MS01-027 - Internet Explorer has 2 recently discovered vulnerabilities, both of which allow attackers to spoof trusted websites. The first vulnerability causes IE to not check that the server name matches the name on the cert, that the cert is not expired, and that the issuer of the cert is trusted. The second vulnerability allows web pages to display a fake URL in the IE address bar. Microsoft FAQ on this issue available here.

tags | web, spoof, vulnerability
SHA-256 | 159613942f27ac76bedf421b789f69178bb9b027f13aae03f84bb125759b76e7
ms01-026
Posted May 17, 2001

Microsoft Security Advisory MS01-026 - Three new vulnerabilities have been found in Microsoft IIS 5.0. The first allows remote attackers to execute commands in the security context of the IUSR_machinename account. A vulnerability that could enable denial of service attacks against the FTP service due to wildcard expansion has also been patched. Finally, a vulnerability could make it easier for an attacker to find Guest accounts that had been inadvertently exposed via FTP. If an attacker preceded an account name with a particular set of characters, the FTP service would search the domain, and all trusted domains, for the user account. Microsoft FAQ on these issues available here.

tags | remote, denial of service, vulnerability
SHA-256 | d77ab68c2a8150465e70f464962e49e04844999e9c5b8e255fb11f56de603c88
ms01-025
Posted May 17, 2001

Microsoft Security Advisory MS01-025 - Two unrelated security vulnerabilities have been found in Microsoft Index Server 2.0. The first vulnerability is a buffer overrun in the function that processes search requests which allows attackers to run arbitrary code in the local system security context. The second vulnerability affects both Index Server 2.0 and Indexing Service in Windows 2000, and is a new variant of the "Malformed Hit-Highlighting" vulnerability discussed here.

tags | overflow, arbitrary, local, vulnerability
systems | windows
SHA-256 | 3198907bcdcc3310a7e0a8bb17d0f7fdfe4d34ec2aa1ba99035ba45dd3f53704
ms01-024
Posted May 10, 2001

Microsoft Security Advisory MS01-024 - A core service running on all Windows 2000 domain controllers contains a memory leak which allows attackers to deplete the server's memory, causing it to become unresponsive. Microsoft FAQ on this issue available here.

tags | memory leak
systems | windows
SHA-256 | 05e9dba4c46fa409164cf9a157b85989118d4d70d18e0ce0d9a084717085ea49
ms01-023
Posted May 3, 2001

Microsoft Security Advisory MS01-023 - A serious vulnerability has been discovered in Windows 2000's IIS 5.0 in the handling of the Internet Printing Protocol (IPP). A buffer overflow in the ISAPI extension which handles input parameters allows any website user to execute arbitrary code with the local system security context, giving an attacker complete control over the server. The server must have TCP port 80 or 443 open. Microsoft FAQ on this issue available here.

tags | overflow, arbitrary, local, tcp, protocol
systems | windows
SHA-256 | 459e672e876ff12c3cc8e618df416141205863c58da36096bdcb03712f214acd
ms01-015
Posted Apr 24, 2001

Microsoft Security Advisory MS01-015 - A vulnerability in IE allows web server operators to discover the full path of items in the IE cache, allowing remote execution of binaries via a web site or email message. The recommended patch fixes 3 more security problems. Microsoft FAQ on this issue available here.

tags | remote, web
SHA-256 | de01a0dff05dc9a62d7caaf101b9b28e5016868b5d92793e6f1265e99827edf3
ms01-022
Posted Apr 22, 2001

Microsoft Security Advisory MS01-022 - The Microsoft Data Access Component Internet Publishing Provider provides access to WebDAV resources over the Internet. It contains an implementation flaw causing it to handle all requests in the security context of the user. As a result, if a user browsed to a web page or opened an HTML e-mail that contained script, that script could access web-based resources as the user. It is likely that at a minimum, the attacker could browse the user's intranet, and access web-based e-mail as well. Microsoft FAQ on this issue available here.

tags | web
SHA-256 | 44db5213ed41bbd17999a666108a7c3f4de1bd1b055a49df7f1da3d7e837ddc5
ms01-021
Posted Apr 17, 2001

Microsoft Security Advisory MS01-021 - The ISA Server Web Proxy service is vulnerable to a remote denial of service attack if the Web Publishing feature is enabled. Microsoft FAQ on this issue available here.

tags | remote, web, denial of service
SHA-256 | 659d1ff434647b93422ef7fd88bfa6838a2c32f67e29c72d3bc0c32808bda089
ms01-017
Posted Apr 10, 2001

Microsoft Security Advisory MS01-017 - Verisign created 2 digital certificates for someone who fraudulently claimed to be a Microsoft employee. The common name assigned to both certificates is "Microsoft Corporation". The ability to sign executable content using keys that purport to belong to Microsoft would clearly be advantageous to an attacker who wished to convince users to allow the content to run. Microsoft FAQ on this issue available here.

SHA-256 | ee77d083c9d8d2b90c75fe703247f46d4ebe0499c86e2b3a70910836516304c9
ms01-20
Posted Apr 7, 2001

Microsoft Security Advisory MS01-020 - A flaw in IE in handling unusual MIME types allows remote code execution via HTML email messages or when a user views a web page. Microsoft FAQ on this issue available here.

tags | remote, web, code execution
SHA-256 | 2348394d3873358f0f8d53efde2e12db0e0eea695122fa08a9ffb48e3c07c9a8
ms01-019
Posted Mar 28, 2001

Microsoft Security Advisory MS01-019 - The Compressed Folders feature, included with Windows ME and Plus 98, has an implementation flaw which records the plaintext password used to encrypt the folder in c:\windows\dynazip.log. Microsoft FAQ on this issue available here.

systems | windows
SHA-256 | b5fc6a0870cb0242f37af5984c61e3ab6b8a4f13dc6a0a09322c5e25e90d8426
ms01-018
Posted Mar 28, 2001

Microsoft Security Advisory MS01-018 - The VB-TSQL debugger object that ships with Visual Studio 6.0 Enterprise Edition has a buffer overflow which can be remotely exploited to execute arbitrary code as the interactively logged-on user running the debugger. The attack uses TCP ports 137-139 and 445. Microsoft FAQ on this issue available here.

tags | overflow, arbitrary, tcp
SHA-256 | d983985ba2d6cb016f157c5b43ac76210e91230aefad8ff2a3e9cd401f0c2ae9
ms01-016
Posted Mar 16, 2001

Microsoft Security Advisory MS01-016 - A remote denial of service attack has been discovered in WebDAV, an extension to the HTTP protocol included in Windows 2000 IIS 5.0. Microsoft FAQ on this issue available here.

tags | remote, web, denial of service, protocol
systems | windows
SHA-256 | c80117b9bf7cc43251692b9718db26d94050802d79ad071dfb50f1e55501d4d4
ms01-014
Posted Mar 3, 2001

Microsoft Security Advisory MS01-014 - IIS 5.0 and Exchange 2000 are vulnerable to remote denial of service attacks. If a certain malformed URL is repeatedly sent to an affected system, it will cause a memory allocation error that will result in the failure of the IIS service. Exchange 2000 is affected by the same vulnerability which can crash the Exchange 2000 webmail service. Microsoft FAQ on this issue available here.

tags | remote, denial of service
SHA-256 | 7e7e961b27aafc3eb72e2d0b5a3aebddbe33062cd71ba2ce552a7a2c19f596b4
ms01-013
Posted Feb 27, 2001

Microsoft Security Advisory MS01-013 - The Windows 2000 event viewer snap-in has an unchecked buffer in a section of the code that displays the detailed view of event records. If the event viewer attempts to display an event record that contains specially malformed data in one of the fields, code of the attacker's choice can be made to run with the privileges of the user running the event viewer. Microsoft FAQ on this issue available here.

systems | windows
SHA-256 | fd428d11543b426f8a0c1f9971572740551089ba5b2c2d6b0713c7bb5424dbe0
ms01-012
Posted Feb 23, 2001

Microsoft Security Advisory MS01-012 - Outlook and Outlook Express can be tricked into executing arbitrary code via email messages which contain malformed vCards. When the vCard is opened, a buffer overflow error can cause Outlook to crash, or take any desired action, limited only by the permissions of the recipient on the machine. Microsoft FAQ on this issue available here.

tags | overflow, arbitrary
SHA-256 | 2e6cf339348dc60f225d723233b963526abbd218f50a213c38d40f0e9496c1ee
ms01-011
Posted Feb 21, 2001

Microsoft Security Advisory MS01-011 - A core service running on all Windows 2000 domain controllers contains a flaw in the processing of requests which allows remote attackers to use up most of the CPU, limiting the number of logins the machine can process. Microsoft FAQ on this issue available here.

tags | remote
systems | windows
SHA-256 | 4f2a7e699ba6d383a5a2c3e8690ab871e83dce3ab2b17788fc1f20921baeea60
ms01-009
Posted Feb 16, 2001

Microsoft Security Advisory MS01-009 - The PPTP service in Windows NT 4.0 has a flaw which allows remote attackers to crash the service via a malformed packet. Microsoft FAQ on this issue available here.

tags | remote
systems | windows
SHA-256 | 9f459f1211e41897038aebbe45c2bfbccf92f8c2231699929744255277097d75
ms01-010
Posted Feb 16, 2001

Microsoft Security Advisory MS01-010 - Windows Media Player 7 has a vulnerability in the skins feature which manifests itself when a Windows Media Player skin (.WMZ) file is downloaded from an untrusted website. Java code can be used to read and browse files on a local machine. The vulnerability stems from the fact that "skins" are downloaded to a known location on a victim's computer and are stored in a .zip package. If the .zip package contained a Java class (.class) file, any Java code in this class can be executed under the local computer security zone, taking arbitrary action on the user's machine. Microsoft FAQ on this issue available here.

tags | java, arbitrary, local
systems | windows
SHA-256 | aa001023b4b36b589fc75bf5d0b2ab730e136efc4e831a9d8dacbeb1217084a7
ms01-007
Posted Feb 14, 2001

Microsoft Security Advisory MS01-007 - A vulnerability has been found in Windows 2000 Network Dynamic Data Exchange (DDE) which allows an attacker to cause the Network DDE Agent to run code of her choice in Local System context, gaining control over the machine. Microsoft FAQ on this issue available here.

tags | local
systems | windows
SHA-256 | bb8d460f654c9e70b026ccc0a890cd748fef823b25d267fd7068393f7b895c5e
ms01-008
Posted Feb 12, 2001

Microsoft Security Advisory MS01-008 - A flaw in the NTLM Security Support Provider (NTLMSSP) service allows a non-administrative user to gain administrative control over the system. In order to perform this attack the user would need a valid login account and the ability to execute arbitrary code on the system. Microsoft FAQ on this issue available here.

tags | arbitrary
SHA-256 | fd372dce83d40400b88e4302defae7822e466e7f14d6a75ba1e1441d17864a81
ms01-005
Posted Feb 2, 2001

Microsoft Security Advisory MS01-005 - Windows 2000 Post Service Pack 1 hotfixes made available through December 18, 2000 can cause Windows File Protection to remove a valid hotfix from a system. If the hotfixes were added in a certain order, a customer's system reverts to a version of a Windows 2000 module that contains security vulnerabilities. Microsoft FAQ on this issue available here.

tags | vulnerability
systems | windows
SHA-256 | 25ef87b72e33cdf7175418c49eb3aee6c42eaaa4e438be678d65482ba6922c34
ms01-006
Posted Feb 2, 2001

Microsoft Security Advisory MS01-006 - The implementation of the Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not correctly handle a particular series of data packets, allowing remote attackers to crash the server via TCP port 3389. Microsoft FAQ on this issue available here.

tags | remote, tcp, protocol
systems | windows
SHA-256 | 205efd9aed64533ded1e973cad6dfa522182347483a5f8df80bc4686e920a617
© 2022 Packet Storm. All rights reserved.
