what you don't know can hurt you
Showing 76 - 100 of 100 RSS Feed


Microsoft Exchange Open Redirect
Posted Mar 28, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Exchange suffers from an open redirect vulnerability.

tags | exploit
advisories | CVE-2016-3378
MD5 | 50d79a092d794c779a0fa7f12fdb4853

Related Files

Posted Apr 25, 2002
Authored by Peter Grundl

Microsoft Distributed Transaction Coordinator DoS - A flaw in the way MSDTC handles malformed packets could allow an attacker to hang the service and exhaust resources on the Server. If an attacker sends 20200 null characters to the MSDTC service, which listens on TCP port 3372, server resources are allocated poorly. This attack can result in MSDTC.EXE spiking at 100% cpu usage, MSDTC refusing connections and kernel resources being exhausted. This was fixed with MS02-018, although the security bulletin does not mention this vulnerability.

tags | kernel, tcp
MD5 | e25b02dc80600cec84dac5e0cc8955a5
Posted Apr 17, 2002
Authored by H D Moore | Site digitaloffense.net

The Microsoft FTP service is vulnerable to a Denial of Service attack in the STAT command. This condition can be triggered by a remote attacker using either a valid user account or anonymous, which is enabled by default. Once exploited, all services running under the inetinfo.exe process will terminate. MS02-018 addresses this problem. Example crash string included.

tags | remote, denial of service
MD5 | 38c1a2fcd2cfe75265b9ea17b99d958d
Posted Feb 12, 2002

Microsoft Security Advisory MS02-003 - A flaw in Microsoft Exchange 2000 allows remote users to remotely access configuration information on the server. Specifically, this flaw inappropriately gives the "Everyone" group privileges to the WinReg key. This key controls the ability of users and groups to remotely connect to the Registry. Microsoft FAQ on this issue available here.

tags | remote, registry
MD5 | de88f287e426045d6ef3f108bfdc940f
Posted Sep 8, 2001

Microsoft Security Advisory MS01-047 - A vulnerability in Microsoft Exchange 5.5 allows attackers to retrieve email addresses from the global address list (GAL) by sending a properly formatted request to the back-end function that actually performs the search. Microsoft FAQ on this issue available here.

MD5 | 0bdb5295fd228c9fb13308dab295f52f
Posted Jul 30, 2001

The Code Red worm is likely to start spreading again on July 31, 2001 at 8:00 EDT. All IIS 4 and 5 users MUST upgrade immediately! Fix for NT 4.0 available here.

tags | worm
MD5 | 8a4fe36d9058a9fa39660a647ae05fa7
Posted Jul 27, 2001

Microsoft Security Advisory MS01-041 - Several of the RPC servers associated with system services in Microsoft Exchange, SQL Server, Windows NT 4.0 and Windows 2000 do not adequately validate inputs, and are vulnerable to a remote denial of service attack. Microsoft FAQ on this issue available here.

tags | remote, denial of service
systems | windows, 2k, nt
MD5 | 2dbadf85c2999484c24b1f032a0cc16c
Posted Jul 18, 2001
Site cert.org

CERT Advisory CA-2001-18 - Several implementations of the Lightweight Directory Access Protocol (LDAP) protocol contain vulnerabilities that may allow denial-of-service attacks and unauthorized privileged access. Vulnerable services include the iPlanet directory server, IBM SecureWay running under Solaris and Windows 2000, Lotus Domino R5 Servers, Teamware Office for Windows NT and Solaris, Qualcomm Eudora WorldMail for Windows NT, Microsoft Exchange 5.5 LDAP Service, Network Associates PGP Keyserver 7.0, prior to Hotfix 2, Oracle 8i Enterprise Edition, and OpenLDAP, 1.x prior to 1.2.12 and 2.x prior to 2.0.8.

tags | vulnerability, protocol
systems | windows, 2k, nt, solaris
MD5 | 79332efa3535f9e75b175ec12691c9ce
Posted Dec 7, 2000
Authored by Incubus | Site securax.org

Remote denial of service exploit for Microsoft Exchange 5.5 SP3 Internet Mail Service and Information Store. The bug is in the handling of a line containing Content="".

tags | exploit, remote, denial of service
MD5 | 0943fe0243c5f19593bfcb6ee1ecddd1
Posted Nov 17, 2000

Microsoft Security Bulletin (MS00-088) - Microsoft has released a patch that eliminates a vulnerability in the Microsoft Exchange 2000 and Exchange 2000 Enterprise Servers that could potentially allow an unauthorized user remote access to the server. Microsoft FAQ on this issue available here

tags | remote
MD5 | e367a3cd735c5313af66b556007865f5
Posted Nov 14, 2000
Authored by Art Savelev | Site savelev.com

Remote denail of service exploit for Microsoft Exchange 5.5 SP3 Internet Mail Service. A message containing charset = "" causes mail service to crash.

tags | exploit, remote
MD5 | 1019b745517c405b5168833375c8417b
Posted Nov 1, 2000

Microsoft Security Bulletin (MS00-082) - Microsoft has released a patch that eliminates the "Malformed MIME Header" vulnerability in Microsoft Exchange 5.5, which allows malicious users to cause the server to fail by sending a mail with invalid values in the MIME header. Microsoft FAQ on this issue available here.

MD5 | 6483269290f139be24c0e6ce85420f15
Posted Feb 23, 2000
Authored by Juan Carlos Garcia Cuartango

An ActiveX control shipped with IE can be used to install software components signed by Microsoft without prompting the user. This of course raises trust issues. Someone, not necessarily Microsoft, could use this control to install a Microsoft signed component in your system.

tags | exploit, activex
MD5 | a6f230dc95b98b2d73a0f82f61dfe607
Posted Feb 1, 2000
Authored by Hiromitsu Takagi

Another security hole in Microsoft Virtual Machine for Java has been discovered that allows a java applet to read any file on the system. This vulnerability is quite dangerous and immediate de-activation of the IE Java function provided by Microsoft is highly recommended.

tags | exploit, java
MD5 | c1b9ebcc8306eb8d2e2890f8e119816c
Posted Oct 25, 1999
Authored by Sil

These calculations show that Microsoft may be guilty of murder, on order of several people per day.

systems | unix
MD5 | bb8d2b6d54d6e7c2abd22efed765425c
Posted Aug 17, 1999
Authored by RA Downes

The Bloatware Debate - Very interesting dissection and reverse-engineering of a Microsoft product, with relevant points to fuel "the bloatware debate". This is what real "hacking" is all about.

tags | paper
MD5 | 24b04ceb6d81ff61698093b4143e087e
Posted Aug 17, 1999

The Microsoft family in 1978

systems | unix
MD5 | 1c8222c21a4d50d8da0e4fb189ce1245
Posted Aug 17, 1999

Microsoft Buys Linux for $18 Billion

systems | linux, unix
MD5 | 6ca64a4f1ad44115c7c1e18e53421975
Posted Aug 17, 1999

Windows NT does not properly handle the use of wildcards, matching filename characters that do not even exist in pseudo-8.3 format filenames.

tags | exploit
systems | windows, nt
MD5 | fbf6d3fd21438b528956c3b83f52ea39
Posted Aug 17, 1999

Bug in Microsoft AutoRoute Express 2000 results in incorrect calculations of travel diatances. No fix available yet.

tags | exploit
MD5 | d94eaec2998349a50f8dd35b3735862f
Posted Aug 17, 1999

Severe security vulnerabilities in Microsoft Netmeeting for Windows 9x/NT allow local users to gain root privileges, open up machines running Netmeeting to Denial of Service attacks, much more. No fix or vendor response.

tags | exploit, denial of service, local, root, vulnerability
systems | windows, 9x
MD5 | 83f2f8afd42e0807ab919ada926cd970
Posted Aug 17, 1999

Microsoft has invented new ways to compromise your privacy and snoop on you while you work. These "features" are included now included in Windows 98, Office 97, and even in microsoft.com cookies. The beta versions of Windows 2000 and Office 2000 are also suspect.

tags | exploit
systems | windows, 2k, 9x
MD5 | cb06818c8a12602108b8a834ab46a813
Posted Aug 17, 1999

Microsoft releases virus infected MS Word documents on their own web site! If you have visited http://www.microsoft.com/uk/business_technology/dns/ecommerce/financial/case.htm recently to find out more about MS Exchange and E-commerce, then you should scan for the W97M/Marker.C virus on your network. This has happened numerous times!

tags | exploit, web, virus
MD5 | 2568cfb2105d39b878ec140ffa3e7cc0
Posted Aug 17, 1999

Vulnerabilities in Microsoft Exchange server allow remote attacker to delete user inbox and launch Denial of Service attack with embedded JavaScript.

tags | exploit, remote, denial of service, javascript, vulnerability
MD5 | 199edd03e1fe2230e6409c28c53f824e
Posted Aug 17, 1999

Cheyenne InocuLAN Anti-Virus Agent for Microsoft Exchange stores account name and password in plaintext.

tags | exploit, virus
MD5 | 850d398c1afc0e6ff21940d5fcebd880
Posted Aug 17, 1999
Authored by X-Force

Buffer overflow in Microsoft Exchange's LDAP (Lightweight Directory Access Protocol) server allows read access to the Exchange server directory by using an LDAP client. Remote arbitrary code execution and Denial of Service attacks possible. Patch available.

tags | exploit, remote, denial of service, overflow, arbitrary, code execution, protocol
MD5 | b4359f9fb45f3a589a661ba72ffa6996
Page 4 of 4

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By