exploit the possibilities
Showing 26 - 50 of 100 RSS Feed

Files

Microsoft Exchange Open Redirect
Posted Mar 28, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Exchange suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2016-3378
MD5 | 50d79a092d794c779a0fa7f12fdb4853

Related Files

CAS Autodiscover Enumeration
Posted Aug 3, 2014
Authored by Nathan Power

The Microsoft Exchange Client Access Server (CAS) that services Autodiscover has been found vulnerable to an information disclosure. It has been discovered that a standard domain user without Exchange permissions can enumerate Autodiscover configuration files of Exchange users by an XML SOAP parameter injection.

tags | exploit, info disclosure
MD5 | 4e25fef3c4f61218c80249157de91d17
Microsoft Exchange Internal IP Disclosure
Posted Aug 3, 2014
Authored by Nathan Power

Multiple issues have been discovered that makes it possible to disclose internal IP addresses of remote Microsoft Exchange environments.

tags | exploit, remote
MD5 | e0dfb9a016b5b66263863825c75e4206
Microsoft Dynamics CMS 2013 CSRF / File Upload / Replay
Posted Jun 24, 2014
Authored by Vadodil Joel Varghese

Microsoft Dynamics CRM 2013 is susceptible to multiple security vulnerabilities such as cross site request forgery, cross browser, replay, and file upload attacks.

tags | exploit, vulnerability, file upload, csrf
MD5 | 7519314d1b8e20ad537b7813ea7606ad
Red Hat Security Advisory 2013-1540-02
Posted Nov 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1540-02 - Evolution is the integrated collection of email, calendaring, contact management, communications, and personal information management tools for the GNOME desktop environment. A flaw was found in the way Evolution selected GnuPG public keys when encrypting emails. This could result in emails being encrypted with public keys other than the one belonging to the intended recipient. The Evolution packages have been upgraded to upstream version 2.32.3, which provides a number of bug fixes and enhancements over the previous version. These changes include implementation of Gnome XDG Config Folders, and support for Exchange Web Services protocol to connect to Microsoft Exchange servers. EWS support has been added as a part of the evolution-exchange packages.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2013-4166
MD5 | b413381d165bf565fbe1231558293b89
Red Hat Security Advisory 2013-0515-02
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0515-02 - The openchange packages provide libraries to access Microsoft Exchange servers using native protocols. Evolution-MAPI uses these libraries to integrate the Evolution PIM application with Microsoft Exchange servers. A flaw was found in the Samba suite's Perl-based DCE/RPC IDL compiler. As OpenChange uses code generated by PIDL, this could have resulted in buffer overflows in the way OpenChange handles RPC calls. With this update, the code has been generated with an updated version of PIDL to correct this issue. The openchange packages have been upgraded to upstream version 1.0, which provides a number of bug fixes and enhancements over the previous version, including support for the rebased samba4 packages and several API changes.

tags | advisory, overflow, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
MD5 | 19b81dcf2649f00ebc22208a2fd104f0
Secunia Security Advisory 52133
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | a73fddee425c0bc808b263ef6c3e7782
Microsoft Lync 2012 Code Execution
Posted Jan 12, 2013
Authored by Christopher Emerson

Microsoft Lync 2012 fails to properly sanitize user-supplied input, which can lead to remote code execution.

tags | exploit, remote, code execution
MD5 | 51a082e8276d81396fdbca96ae51ba3c
Secunia Security Advisory 51474
Posted Dec 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Exchange Server, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 1b83b1a7143d1ee3e819ab32be42d51c
Secunia Security Advisory 50275
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in McAfee Security for Microsoft SharePoint and McAfee Security for Microsoft Exchange, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 59f864372e600aca224258f59901094a
Secunia Security Advisory 50019
Posted Jul 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | edbff8302a74fcd4403e975d22a8dfc3
Microsoft.com Cross Site Scripting
Posted Mar 19, 2012
Authored by Sony, Flexxpoint

www.microsoft.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 718873ebed4ab7685e9145ba623627af
Microsoft.com Cross Site Scripting
Posted Mar 8, 2012
Authored by Ryuzaki Lawlet

Microsoft.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c251c2a74ff13220a8fff6fdd9307474
Microsoft Report Viewer Cross Site Scripting
Posted Aug 25, 2011
Authored by Adam Bixby | Site gdssecurity.com

Microsoft Report Viewer controls suffer from a cross site scripting vulnerability. Microsoft Report Viewer Redistributable 2005 SP1 and Microsoft Visual Studio 2005 Service Pack 1 are affected.

tags | exploit, xss
advisories | CVE-2011-1976
MD5 | 2127d7df083651d49fe5271549571c9f
Microsoft IIS 6 Parsing Vulnerability
Posted Jan 25, 2011
Authored by Pouya Daneshmand

The author of this file claims that naming a directory with a .asp extension on IIS 6 will causing all files inside of it to be executed as such.

tags | advisory, asp
MD5 | e7c2f004e3702a7a06318c380b571e83
Secunia Security Advisory 42633
Posted Dec 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 767657aff12d6979d6e19443d0b362c1
Zero Day Initiative Advisory 10-286
Posted Dec 15, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-286 - This vulnerability allows attackers to deny services on vulnerable installations of Microsoft Exchange Server 2007. Authentication is required to exploit this vulnerability. The specific flaw exists within store.exe during the handling of a particular MAPI call. The service will enter a loop whose termination is controlled by an attacker. If the attacker specifies an invalid value, the loop will never terminate causing the service to stop responding to requests. This results in a denial of service against the target server.

tags | advisory, denial of service
advisories | CVE-2010-3937
MD5 | 4adbf94c44ab29b7d501089f6e298578
Secunia Security Advisory 41421
Posted Sep 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 3c30f8694f28c6e4d64285809a936191
Microsoft Help Files (.CHM) Locked File Bypass
Posted Jun 25, 2010
Authored by Paul Craig | Site security-assessment.com

Microsoft Help Files (.CHM) suffer from a locked file bypass.

tags | advisory, bypass
MD5 | f8ae4902131c75802c40a7a3197fc5c0
Secunia Security Advisory 39253
Posted Apr 15, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server 2000, which can be exploited by malicious people to gain knowledge of certain sensitive information.

tags | advisory
MD5 | 9ca4e3e9732c71966fd25118c0fad1d9
Technical Cyber Security Alert 2010-103A
Posted Apr 14, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-103A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Exchange.

tags | advisory, vulnerability
systems | windows
MD5 | b7aec71621ae7668e691258ddeacb922
Microsoft IIS FTP Server NLST Response Overflow
Posted Nov 26, 2009
Authored by H D Moore, Kingcope | Site metasploit.com

This Metasploit module exploits a stack overflow flaw in the Microsoft IIS FTP service. The flaw is triggered when a special NLST argument is passed while the session has changed into a long directory path. For this exploit to work, the FTP server must be configured to allow write access to the file system (either anonymously or in conjunction with a real account).

tags | exploit, overflow
MD5 | b566a46c73d7525de3e054c23aeee675
Secunia Security Advisory 33838
Posted Feb 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 3fe9a8fb1ec8d536bb41b4b59244c674
iDEFENSE Security Advisory 2009-01-12.3
Posted Jan 14, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 01.12.09 - Remote exploitation of an uninitialized memory vulnerability in Research In Motion Ltd.'s BlackBerry Enterprise Server could allow an attacker to execute arbitrary code with the privileges of the affected service, which is usually SYSTEM. The vulnerability occurs when parsing a data stream inside of a PDF file. Due to a logic error, it is possible to allocate an array of object pointers that is never initialized. This array is located on the heap. When the object that contains this array is destroyed, each pointer in the array is deleted. Since the memory is never properly initialized, whatever content was previously there is used. It is possible to control the chunk of memory that gets allocated for this array, which can lead to attacker-controlled values being used as object pointers. This results in the execution of arbitrary code when these pointers are deleted. iDefense has confirmed the existence of this vulnerability in BlackBerry Enterprise Server version 4.1.5 and 4.1.6 (4.1 SP5, SP6). 4.1.6 is the most current version, as of the publishing of this report. This vulnerability was confirmed in BlackBerry Enterprise Server for Microsoft Exchange, but is believed to affect the Lotus and Novell versions as well. Previous versions may also be affected.

tags | advisory, remote, arbitrary
MD5 | a0ba4e644bd98bdcc8cb5fa9e8500ca4
iDEFENSE Security Advisory 2009-01-12.2
Posted Jan 14, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 01.12.09 - Remote exploitation of a heap overflow vulnerability in Research In Motion Ltd. (RIM)'s BlackBerry Enterprise Server could allow an attacker to execute arbitrary code with the privileges of the affected service, usually SYSTEM. The vulnerability occurs when parsing a data stream inside of a PDF file. During parsing, a dynamic array is filled up with pointers to certain objects without properly checking to see whether the array is large enough to hold all of the pointers. By inserting a large number of pointers, it is possible to overflow the array, and corrupt object pointers. This can lead to the EIP register being controlled, which results in the execution of arbitrary code. Defense has confirmed the existence of this vulnerability in BlackBerry Enterprise Server version 4.1.5 and 4.1.6 (4.1 SP5, SP6). 4.1.6 is the most current version, as of the publishing of this report. This vulnerability was confirmed in BlackBerry Enterprise Server for Microsoft Exchange, but is believed to affect the Lotus and Novell versions as well. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
MD5 | 24f5aa6494afdf4073a5f89baed865b7
iDEFENSE Security Advisory 2009-01-12.1
Posted Jan 14, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 01.12.09 - Remote exploitation of a heap overflow vulnerability in Research In Motion Ltd. (RIM)'s BlackBerry Enterprise Server could allow an attacker to execute arbitrary code with the privileges of the affected service, usually SYSTEM. The vulnerability occurs when parsing a certain stream inside of a PDF file. During parsing, a heap buffer is filled up with without properly checking to see whether the buffer is large enough to hold the current value. By inserting a large number of values, it is possible to overflow the buffer, and corrupt object pointers. This can lead to pointers being controlled, which results in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in BlackBerry Enterprise Server version 4.1.5 and 4.1.6 (4.1 SP5, SP6). 4.1.6 is the most current version, as of the publishing of this report. This vulnerability was confirmed in BlackBerry Enterprise Server for Microsoft Exchange, but is believed to affect the Lotus and Novell versions as well. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
MD5 | ccc046a70b456e87ead4ae296c970c41
Page 2 of 4
Back1234Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close