what you don't know can hurt you
Showing 51 - 75 of 100 RSS Feed

Files

Microsoft Exchange Open Redirect
Posted Mar 28, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Exchange suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2016-3378
MD5 | 50d79a092d794c779a0fa7f12fdb4853

Related Files

Microsoft_Windows_resolver_DNS_cache_poisoning.pdf
Posted Apr 9, 2008
Authored by Amit Klein | Site trusteer.com

This paper shows that Windows DNS stub resolver queries are predictable - i.e. that the source UDP port and DNS transaction ID can be effectively predicted. A predictability algorithm is described that, in optimal conditions, provides very few guesses for the "next" query, thereby overcoming whatever protection offered by the transaction ID mechanism. This enables a much more effective DNS client poisoning than the currently known attacks against Windows DNS stub resolver.

tags | paper, udp
systems | windows
MD5 | 9eb4409051bfcd2a72603538ea3fdeb1
iDEFENSE Security Advisory 2007-05-08.4
Posted May 10, 2007
Authored by iDefense Labs, Joxean Koret | Site idefense.com

iDefense Security Advisory 05.08.07 - Remote exploitation of an integer overflow vulnerability in the IMAP service of Microsoft Exchange 2000 could allow a remote attacker to crash all running Exchange services and other services in the same process. The vulnerability specifically exists in code responsible for reading of literals in the IMAP4 service. When the IMAP4 service encounters a specially crafted literal, it fails to properly process it. An access violation occurs causing an unhandled exception that terminates the process. iDefense confirmed the existence of this vulnerability in Microsoft Exchange 2000 with Service Pack 3.

tags | advisory, remote, overflow, imap
advisories | CVE-2007-0221
MD5 | 41dfd11ab1612d6ad35ed1f0004b4d0e
modprops-dos.txt
Posted May 10, 2007
Authored by Alexander Sotirov | Site determina.com

Determina Security Research has discovered a denial of service vulnerability in the code responsible for parsing iCal email attachments in Microsoft Exchange. This vulnerability can be exploited by a malicious email message and results in a denial of service. The vulnerable code is present in Exchange 2000 and 2003.

tags | advisory, denial of service
advisories | CVE-2007-0039
MD5 | 517efa884b7027c6bb781a308e87eb6b
Secunia Security Advisory 25183
Posted May 10, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Exchange, which can be exploited by malicious people to conduct script insertion attacks, cause a DoS (Denial of Service), or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 6ad654c9ccbcfa5741735dfc330856f1
Microsoft_Dns_Server_Exploit.zip
Posted Apr 17, 2007
Authored by Andres Tarasco, Mario Ballano | Site 514.es

Microsoft DNS Server remote code execution exploit and analysis. This exploit works against TCP port 445. Tested against Windows 2000 server SP4 and Windows 2003 SP2. Binds a shell to TCP port 4444.

tags | exploit, remote, shell, tcp, code execution
systems | windows, 2k
advisories | CVE-2007-1748
MD5 | bf3b37514e4d4d9e3e243dbfd1747864
Secunia Security Advisory 20634
Posted Jun 14, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 83e471345b4d12115179b66fe2a6c154
Secunia Security Advisory 20407
Posted Jun 1, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, virus
MD5 | acbc919765b086f1bd666e39ac906d14
Secunia Security Advisory 20029
Posted May 9, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 3dba3c83ae8a7d9ce15600a1cd05d366
Microsoft.IIS.Malformed.URI.cpp
Posted Dec 28, 2005
Authored by Lympex | Site l-bytes.tk

Microsoft IIS 5.1 malformed URI denial of service exploit.

tags | exploit, denial of service
MD5 | 33e4e92fc77d2514e825fa4956262cd3
Secunia Security Advisory 17361
Posted Nov 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper, which can be exploited by malicious people to gain knowledge of potentially sensitive information.

tags | advisory, virus
MD5 | 3e48c8595b08358e76b99c7b583283ac
sec-1-Collarboration.txt
Posted Oct 15, 2005
Authored by Gary O'Leary-Steele | Site sec-1.com

Sec-1 has identified an exploitable buffer overflow within Collaboration Data Objects (Cdosys.dll and Cdoex.dll). The vulnerability exists when event sinks are used within Microsoft Exchange 2000 or Microsoft Mail services to parse e-mail content. Several Content Security packages were identified to be vulnerable/exploitable.

tags | advisory, overflow
advisories | CVE-2005-1987
MD5 | 214c9052233e0677ed44775fe3507f2a
CDObo.txt
Posted Oct 12, 2005
Authored by Gary O'Leary-Steele | Site sec-1.com

Sec-1 has identified an exploitable Buffer Overflow within Collaboration Data Objects (Cdosys.dll and Cdoex.dll). The vulnerability exists when event sinks are used within Microsoft Exchange 2000 or Microsoft Mail services to parse e-mail content. Several Content Security packages were identified to be vulnerable/exploitable.

tags | advisory, overflow
advisories | CVE-2005-1987
MD5 | 90980caac6ac6153635ef2b9c186b012
Secunia Security Advisory 17167
Posted Oct 12, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows and Microsoft Exchange 2000 Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | windows
MD5 | a649f6fdd4055501d31358231f4669e8
Secunia Security Advisory 16740
Posted Sep 9, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server 2003, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | a693925f5af958fafe42415fdfe5a53b
Secunia Security Advisory 14920
Posted Apr 18, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ISS X-Force has reported a vulnerability in Microsoft Exchange Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 65f24579302f3556855ac74f045cdc23
Secunia Security Advisory 14543
Posted Mar 15, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Exchange Server 2003, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 1b21d12caa6d146bc0a12146f0eb15ac
f-secure.arj.txt
Posted Feb 18, 2005
Site xforce.iss.net

F-Secure Antivirus Scanner multiple products vulnerability - A buffer overflow in the processing of ARJ archives allows remote code execution on multiple F-Secure products with no authentication required. Affected software includes F-Secure Anti-Virus 2004, F-Secure Anti-Virus 2005, F-Secure Anti-Virus 5.x, F-Secure Anti-Virus Client Security 5.x, F-Secure Anti-Virus for Firewalls 6.x, F-Secure Anti-Virus for Linux 4.x, F-Secure Anti-Virus for Microsoft Exchange 6.x, F-Secure Anti-Virus for MIMEsweeper 5.x, F-Secure Anti-Virus for Samba Servers 4.x, F-Secure Anti-Virus for Workstations 5.x, F-Secure Internet Gatekeeper 6.x, F-Secure Internet Gatekeeper for Linux 2.x, F-Secure Internet Security 2004, and F-Secure Internet Security 2005. See also here.

tags | advisory, remote, overflow, code execution, virus
systems | linux
MD5 | 8efda2c32a5fe68500a30323cf57ef90
Cisco Security Advisory 20041215-unity
Posted Dec 30, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Several default username/password combinations are present in all available releases of Cisco Unity when integrated with Microsoft Exchange. The accounts include a privileged administrative account, as well as several messaging accounts used for integration with other systems. An unauthorized user may be able to use these default accounts to read incoming and outgoing messages, and perform administrative functions on the Unity system.

tags | advisory
systems | cisco
MD5 | 8951cb4f2a9c829bcd1e69ea7b530ba5
Secunia Security Advisory 12492
Posted Sep 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in F-Secure Internet Gatekeeper 6.x and F-Secure Anti-Virus for Microsoft Exchange 6.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the exception handling in the F-Secure Content Scanner Server component. This can be exploited to crash a process in the component via specially crafted packets.

tags | advisory, denial of service, virus
MD5 | 768c5dae11a645111e0ff60cc1dee12f
Secunia Security Advisory 12261
Posted Aug 11, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Microsoft has released an update for Exchange Server 5.5 SP4. This fixes a vulnerability, allowing malicious people to conduct script insertion attacks. The vulnerability is caused due to an input validation error in a HTML redirection query. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website when a malicious entry is viewed. This vulnerability affects Microsoft Exchange 5.5 with Service Pack 4.

tags | advisory, arbitrary
MD5 | 07b9deeae3068944868026d1ae63a15b
microsoft.owned.jpg
Posted May 25, 2004

Amusing graphic of Microsoft's UK web site getting compromised and defaced again in May, 2004.

tags | web
systems | unix
MD5 | 4badced47cc58f6ea4dab74f208e6cf8
ms03-046.pl
Posted Oct 30, 2003
Authored by H D Moore | Site metasploit.com

Exploit for ms03-046 - Microsoft Exchange Server 5.5 and Exchange 2000 buffer overflow, in perl. Denial of service only.

tags | exploit, denial of service, overflow, perl
MD5 | 17479c516711b178d64dbfcb23ff116f
CA-2003-27.MS.txt
Posted Oct 16, 2003
Site cert.org

CERT Advisory CA-2003-27 - A number of vulnerabilities in both Microsoft Windows and Microsoft Exchange have been discovered with multiple bugs giving privilege escalation and remote command execution.

tags | advisory, remote, vulnerability
systems | windows
MD5 | be063887ae4c9a37d0f1176b909a14cb
ms03-047
Posted Oct 16, 2003
Site microsoft.com

Microsoft Security Advisory MS03-047 - Microsoft Exchange Server 5.5, Service Pack 4, suffers from a cross site scripting attack due to the way Outlook Web Access (OWA) performs HTML encoding in the Compose New Message form.

tags | advisory, web, xss
MD5 | e2d2bc1dd1e26a32b9c5a6c06b626fde
iss.exchange.txt
Posted Jul 25, 2002
Site iss.net

ISS Security Advisory - Microsoft Exchange Server v5.5 contains a remotely exploitable buffer overflow. This flaw allows attackers to either crash Exchange and block all inbound and outbound email delivery or allow an attacker to gain complete control of the server.

tags | overflow
MD5 | ae145c1d4f7894ecbafc5ad974e6533a
Page 3 of 4
Back1234Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    17 Files
  • 23
    Mar 23rd
    1 Files
  • 24
    Mar 24th
    1 Files
  • 25
    Mar 25th
    16 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close