exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

MS17-010 SMBv1 SrvOs2FeaToNt OOB Remote Code Execution
Posted May 10, 2017
Authored by Juan Sacco

SMBv1 SrvOs2FeaToNt OOB is prone to a remote code execution vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. This exploit leverages this vulnerability as described in MS17-010.

tags | exploit, remote, code execution
MD5 | 27aed1d2f12f7dbbf27284d6b7558bd7

Related Files

mslinux.jpg
Posted May 14, 2000

Microsoft Linux box cover. Very chilling, frightening, and funny too.

systems | linux, unix
MD5 | 0d02e8dd8b1606c82e88a541ad31da11
ms00-006
Posted Apr 1, 2000

Microsoft Security Bulletin (MS00-006) Update (March 31) - This patch eliminates two unrelated vulnerabilities in Microsoft Index Server. The first is the "Malformed Hit-Highlighting Argument" vulnerability which allowed any file on the system to be read. The second vulnerability involves the error message that is returned when a user requests a non-existent Internet Data Query (.idq) file which reveals the physical path to the web directory that was contained in the request. Microsoft FAQ on this issue available here.

tags | web, vulnerability
MD5 | df3fdc2c9d958f3f61278e9111afe406
ms00-008
Posted Mar 10, 2000

Microsoft Security Bulletin (MS00-008) - Microsoft has released a tool that installs tighter permissions on three sets of registry values in Windows NT 4.0. The default permissions could allow a malicious user to gain additional privileges on a machine that they can interactively log onto. Microsoft FAQ on this issue here.

tags | registry
systems | windows, nt
MD5 | bdceee85ac0cc386630f79a62e688ba9
ms00-014
Posted Mar 9, 2000

Microsoft Security Bulletin (MS00-014) - Microsoft has released a patch for a security vulnerability in Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0. The vulnerability allows the remote author of a malicious SQL query to take unauthorized actions on a SQL Server or MSDE database or on the underlying system that was hosting the SQL Server or MSDE database. Microsoft FAQ on this issue available here.

tags | remote
MD5 | 2e925a1292012d6e9b4de5636aeb1b50
ms-clipart.txt
Posted Mar 9, 2000
Authored by Dildog | Site L0pht.com

L0pht Research Labs Advisory - Microsoft ClipArt Gallery Overflow. An attacker can seize control of a Windows 95, 98, NT, or 2000 machine via any HTML source, including Microsoft Outlook e-mail. Proof of conccept exploit included.

tags | exploit, overflow
systems | windows, 9x
MD5 | 336e2570c5f3709b523659a692be727b
ms00-015
Posted Mar 7, 2000

Microsoft Security Bulletin (MS00-015) - Microsoft has released a patch for a security vulnerability in the Microsoft^n Clip Art Gallery. The vulnerability allows a malicious party to cause hostile code to execute on the computer of a user of the Clip Art Gallery. Microsoft FAQ on this issue here.

MD5 | 07080dcff5d4c9f8e6059b905cc762f3
mssqlpwd.zip
Posted Feb 29, 2000
Authored by Max V. Uzunov

MS SQL 6.5/7.0 brute force password cracking tool.

tags | cracker
MD5 | 4fd1e0149acb20805fbeacab3e6097e8
ms00-013
Posted Feb 24, 2000

Microsoft has released a patch for a vulnerability in Windows Media Services. The vulnerability allows denial of service attacks against a streaming media server. Microsoft FAQ on this issue available here.

tags | denial of service
systems | windows
MD5 | ac6bb319ff951a59f0432251d7d5f295
ms00-012
Posted Feb 23, 2000

Microsoft has released a patch for a vulnerability in an installation routine associated with Microsoft Systems Management Server (SMS). The vulnerability allows a user to gain elevated privileges on the local machine. Microsoft FAQ on this issue here.

tags | local
MD5 | 0570a2b91dff79a5605222e9f58f0da8
ms00-010
Posted Feb 23, 2000

Microsoft has released a patch for a vulnerability in web applications associated with Microsoft Site Server 3.0, Commerce Edition. These applications are provided as samples and generated by wizards, who have unwisely allowed inappropriate access to a database on the site. Microsoft FAQ on this issue here.

tags | web
MD5 | 2682d1bf6136d721670b8b2cb7cf3031
ms00-011
Posted Feb 23, 2000

Microsoft has released a patch for a vulnerability in Microsoft VM. The vulnerability allows a malicious web site operator to read files from the computer of a person who visited his site or read web content from inside an intranet if the malicious site is visited by a computer from within that intranet, provided the full pathname is known. Microsoft FAQ on this issue here.

tags | web
MD5 | f1263cf82afff554cf1f0e42bf4b526a
ms00-009
Posted Feb 17, 2000

Microsoft has released a patch for a security vulnerability in IE. The vulnerability allows a malicious web site operator to read certain types of files on the computer of a visiting user. Microsoft FAQ on this issue here.

tags | web
MD5 | a7a96e4bc82196ef66f72895782b2c45
ms00-004
Posted Feb 4, 2000

Microsoft has released a patch for a security vulnerability in an administrative utility that ships with Microsoft Windows NT 4.0, Terminal Server Edition. The utility creates a temporary file during execution that can contain security-sensitive information, but does not appropriately restrict access to it. As a result, a malicious user on the terminal server could read the file as it was being created. Microsoft FAQ on this issue is available here.

systems | windows, nt
MD5 | a4134f565f1e631e2b59999ff1b848fb
ms00-007
Posted Feb 1, 2000

Microsoft has released a patch for a security hole Windows NT 4.0. A malicious user can create, delete or modify files in the Recycle Bin of another user who shared the machine. Microsoft FAQ on this issue available here.

systems | windows, nt
MD5 | bbc853b16329b40c68021620956ee00f
ms00-002
Posted Jan 20, 2000

Patch Available for "Malformed Conversion Data" Vulnerability. The vulnerability allows arbitrary code to be executed on a machine that opened a specially-modified Word 5 document using an affected version of the utility. Microsoft FAQ on this issue available here.

tags | arbitrary
MD5 | d1a75f8eea8e80dc723f3a37f02d02a3
ms00-005
Posted Jan 18, 2000

Microsoft has released a patch for a security vulnerability in the Rich Text Format (RTF) reader that ships as part of Windows 95, 98, and NT 4.0. The vulnerability is used to cause email programs to crash. Microsoft FAQ on this issue here.

systems | windows, 9x
MD5 | 9afbfb2a2deee54daae95b6f06d8a35c
ms00-003
Posted Jan 14, 2000

Microsoft has released a patch for a security vulnerability in Windows NT which allows a user logged onto a Windows NT 4.0 machine from the keyboard to become an administrator on the machine. Microsoft FAQ about this issue here.

systems | windows, nt
MD5 | c776df9360c2c4d4f1c7f7fa4e22893d
ms00-001
Posted Jan 7, 2000

Microsoft has released a patch for a vulnerability in the Microsoft Commercial Internet System (MCIS) Mail server. The vulnerability allows a malicious user to remotely cause services on the server to fail, or cause arbitrary code to run on the server. Microsoft FAQ on this issue here.

tags | arbitrary
MD5 | b7e869e78a23685dfc4bff6f1c537512
ms99-061.info.txt
Posted Dec 30, 1999
Authored by rain forest puppy

More information on the vulnerability described in ms99-061, a problem in IIS that causes it to parse invalid escape sequences, allowing a carefully made string to bypass IDS systems, ISAPI filters, and extension handlers. Includes a perl script to test for vulnerability.

tags | perl
MD5 | 0af787a2fcf7d7bcecc7e44df69fa355
ms99-058
Posted Dec 24, 1999

Microsoft has released a patch for a vulnerability in Microsoft IIS and other products that run atop it. The vulnerability allows a visiting user to see the source code to .ASP and other files. Microsoft FAQ on this issue here.

tags | asp
MD5 | 26321d454c336580807c35007ded930c
ms99-061
Posted Dec 24, 1999

Microsoft has released a patch for a vulnerability in Microsoft IIS and products that run atop it. The vulnerability allows files on a web server to be specified using an alternate representation, in order to bypass access controls of some third-party applications. Microsoft FAQ on this issue here.

tags | web
MD5 | df0666c5b1ec1d7c6445d8a1ea87043d
ms99-046
Posted Dec 24, 1999

Re-release of Microsoft Security Bulletin MS99-046 - In November, we withdrew a previously released patch that improved the randomness of TCP initial sequence numbers in Windows NT 4.0. The patch was withdrawn because it contained the same regression error that was present in Windows NT 4.0 SP6. We have eliminated the regression error and re-released the patch. Microsoft FAQ on this issue available here.

tags | tcp
systems | windows, nt
MD5 | c46bf1ed187c4dcae840eda091266292
ms99-060
Posted Dec 22, 1999

Microsoft has released a patch that addresses two issues - It eliminates a vulnerability in the Outlook Express mail client for Macintosh, which could allow HTML attachments to be automatically downloaded to the users computer. It also provides replacments for several digital certificates that are included in IE for macintosh which will expire Dec. 31. Microsoft FAQ on these issues here.

MD5 | 60b0a0831d99c3e80825b6a9cce6eb90
ms99-059
Posted Dec 21, 1999

Microsoft has released a patch for a security vulnerability in Microsoft SQL Server 7.0. The vulnerability causes a SQL server to crash. Microsoft FAQ available here.

MD5 | f7da5dcf0e6db65814a7778c23f12760
ms99-057
Posted Dec 17, 1999

Microsoft has released a patch for a vulnerability in Windows NT. The vulnerability could allow a malicious user to cause a Windows NT machine to crash. Microsoft FAQ about this vulnerability is here.

systems | windows, nt
MD5 | e76684a2082f0df7f018cf369eaf37a9
Page 1 of 4
Back1234Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    32 Files
  • 20
    Feb 20th
    7 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close