Showing 76 - 100 of 100

Files

Windows Kernel nt!MiRelocateImage Invalid Read
Posted Jul 15, 2022
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from an invalid read in nt!MiRelocateImage while parsing a malformed PE file.

tags | exploit, kernel
systems | windows
advisories | CVE-2022-30155
SHA-256 | 14cc97653808a5e83777838181351383480596c1a9ab0edd737615c558008d89

Related Files

utilmaned2.c
Posted Jul 17, 2004
Authored by Kralor

Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Updated version that can be executed via simple cmd.exe shells using a normal user account. Gives a shell with SYSTEM privileges.

tags | exploit, shell, local
systems | windows
advisories | CVE-2004-0213
SHA-256 | 075b9e7810c1d745ad80808bae307f18bd645d2e8f49f32f7a9315895c6f6671
utilmaned1.c
Posted Jul 17, 2004
Authored by Kralor

Local elevation of privileges exploit for the Microsoft Windows 2000 Utility Manager vulnerability. Gives a shell with SYSTEM privileges.

tags | exploit, shell, local
systems | windows
advisories | CVE-2004-0213
SHA-256 | 6b4c09c3bcb0f4713a12fc777f2245169344041b7020220a150fb035f8202c0f
Technical Cyber Security Alert 2004-41A
Posted Feb 11, 2004
Authored by US-CERT | Site cert.org

CERT Advisory TA04-041A - Multiple integer overflow vulnerabilities in the Microsoft Windows ASN.1 parser library could allow an unauthenticated, remote attacker to execute arbitrary code with SYSTEM privileges. Related eEye advisory here.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | windows
SHA-256 | d15efbcc2142bc5ef34ae1dde8178035fc9aac8c3983d2d7ee7acf880431603c
Cisco Security Advisory 20040129-ms03-049
Posted Jan 30, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040129 - Cisco has released an advisory stating that its products that make use of the Microsoft Workstation service may be susceptible to attack.

tags | advisory
systems | cisco
SHA-256 | 1d2acb3a56c3682bd561de21733830314524b20731877ce37bc33bbca42fa6ff
rpc_wks_bo.c
Posted Dec 5, 2003
Authored by fiNis

Remote exploit for the Microsoft Windows WKS vulnerability, in which a specially crafted network message can trigger a buffer overflow.

tags | exploit, remote, overflow
systems | windows
SHA-256 | edfa5bc92347e7ff14ee1bf67a915d2b6acf71612cf49daa393a0787dde9ba59
CS-2003-04.txt
Posted Nov 25, 2003
Site cert.org

CERT Quarterly Summary CS-2003-04 - There have been documented vulnerabilities in the Microsoft Windows Workstation Service, RPCSS Service, and Exchange, various SSL/TLS implementations, a buffer overflow in Sendmail, and a buffer management error in OpenSSH. There have also been reports of W32/Swen.A, W32/Mimail variants, and exploitation of an Internet Explorer vulnerability reported in August of 2003.

tags | advisory, overflow, vulnerability
systems | windows
SHA-256 | 111a7f74273b65a5b0d1626916be4f03e2691e306b91abf17827c06c747319c8
o_wks.c
Posted Nov 14, 2003
Authored by snooq | Site angelfire.com

Remote exploit for the Microsoft Windows Workstation server (WKSSVC) buffer overflow.

tags | exploit, remote, overflow
systems | windows
SHA-256 | bc065ceb1c69049d9ee97b3557d5d4ebae7248616f8a39390fa5de28e7bc3d5e
DCOMnofix.txt
Posted Oct 14, 2003
Authored by VigilantMinds Security Operations Center

Information regarding the fact that the Microsoft Windows patch that supposedly fixed the RPC DCOM vulnerability has failed miserably and patched machines are still vulnerable to attack.

tags | advisory
systems | windows
SHA-256 | e0b7dc71442f34a04b0f99c6e9d07e5c50a1353b46abd96c56ada4b763e14fd8
word.zip
Posted Sep 6, 2003
Authored by Valgasu | Site valgasu.rstack.org

Exploit that makes use of the Microsoft Word WordPerfect document converter which has been found vulnerable to a buffer overflow when a malicious .doc file is opened.

tags | exploit, overflow
SHA-256 | 2fa509d670aa52809545e6a62f5886f884f5b653c4ef5c22e96e146011fc403f
mswordcon.txt
Posted Sep 4, 2003
Authored by Yuji Ukai | Site eEye.com

The WordPerfect document converter included in Microsoft Word has a buffer overflow bug. If the converter is installed, as it is by default in Office 2000, and a malicious .doc file is opened, an attacker can execute arbitrary code.

tags | advisory, overflow, arbitrary
SHA-256 | 01b4f751a89cd097f31a7c747ac7d0760d2324742380f9b6d7d7acc6daac7241
dcomworm.txt
Posted Aug 12, 2003
Authored by Sylvain Descoteaux

Information regarding one variant of the Microsoft Windows DCOM worm that is circulating around the Internet.

tags | advisory, worm
systems | windows
SHA-256 | 59735ded0ae61947b297bce4cc8893aacbe08a99ba65ee013fdc60b7b6f1617c
ms03-001
Posted Jan 25, 2003
Site microsoft.com

Microsoft Security Advisory MS03-001 - A buffer overflow in the Microsoft Windows Locator Service in Windows NT, 2000, and XP allows remote attackers to execute commands on Windows 2000 and NT domain controllers by default, and any other server which has the locator service enabled.

tags | remote, overflow
systems | windows
SHA-256 | 5e5ba03153b589c0275c98e4d61e201733836557a267dfc1f55554c12a2f6cc2
oat-source-1.3.0.zip
Posted Jan 5, 2003
Authored by Patrik Karlsson | Site cqure.net

OAT v1.3.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The tools are Java-based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.

Changes: Added support for manually specifying the remote OS when running (O)racle (S)ystem (E)xec. Bugfixes.
tags | java
systems | linux, windows, unix
SHA-256 | f74397f5dff0d95279b307a2fc6334c3acae4a79d5a794fddf202a2e0033b02a
CA-2002-37.windows.shell
Posted Dec 21, 2002
Site cert.org

CERT Advisory CA-2002-37 - A buffer overflow vulnerability in the Microsoft Windows Shell allows remote attackers to execute arbitrary code via a malicious email message, a malicious web page, or browsing through a folder containing a malicious .MP3 or .WMA file. More information available here.

tags | remote, web, overflow, arbitrary, shell
systems | windows
SHA-256 | b026b59e3f14b7596aad9085a7b4d8183bb3649a364863979123a168facb9351
dotnet-msde.txt
Posted Sep 4, 2002
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Security Research Advisory NISR03092002B - The Microsoft Windows .NET Server Release Candidate contains a buffer overflow in name resolution which allows an attacker without a userID or password to take control of the server with a single packet to UDP port 1434 on the machine running MSDE. Fix available here.

tags | overflow, udp
systems | windows
SHA-256 | 9db34630d664597a8cf29192735e45564c2d9e401bac5a6b0d4ed6fab67a82c6
oat-source-1.2.0.zip
Posted Jul 15, 2002
Authored by Patrik Karlsson | Site cqure.net

OAT v1.2.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The tools are Java-based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.

Changes: Support for command execution on Solaris was added. Now includes OracleQuery, a minimal command-line SQL query tool. Many bugfixes were made.
tags | java
systems | linux, windows, unix
SHA-256 | 17b789dc0c4f20818e16e097cd8de94348b2acdbe7665d63d8ff1b91c2df0e9b
oat-source-1.1.0.zip
Posted Feb 26, 2002
Authored by Patrik Karlsson | Site cqure.net

OAT 1.1.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The tools are Java-based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.

Changes: The password guessing is now done on all SIDs of the database. SID enumeration should now be more reliable. Errors are reported in a more readable form.
tags | java
systems | linux, windows, unix
SHA-256 | bc9ed0ea0c85421c9784e1ff06ab40b9281dd0c95e8d3000643a6c092d7de444
sa_04.txt
Posted Oct 12, 2000
Site nsfocus.com

NSFocus Security Advisory (SA2000-04) - A denial of service flaw has been found in the Microsoft Win9x NetBIOS client. An attacker can modify his host file share service and perform a DoS attack against a Win9x client that visits it. Windows 95, 98, and 98SE are vulnerable.

tags | exploit, denial of service
systems | windows
SHA-256 | 9236c974af81c4c844db26363d287b64b22ac6b3a14b0d4342716a88acbe836a
asb00-20.absentdirectory
Posted Aug 8, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-20) - Microsoft has released a patch for two security vulnerabilities in Microsoft Internet Information Server. In sum, the vulnerabilities could allow a malicious user to stop the web server from providing useful service, or to extract certain types of information from it. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users. Allaire recommends that customers follow the instructions posted on the Microsoft Web site to address this issue.

tags | web, vulnerability
SHA-256 | c452c9f99992333457e1fa65b182fed52baf14b3311afbe5bb5d098e78289dbc
COVERT-2000-09.netbios
Posted Jul 28, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The Microsoft Windows implementation of NetBIOS allows an unsolicited UDP datagram to remotely deny access to services offered by registered NetBIOS names. An attacker can remotely shut down all Domain Logins, the ability to access SMB shares, and NetBIOS name resolution services. Vulnerable systems include all versions of Microsoft Windows 95, 98, NT and 2000.

tags | udp
systems | windows
SHA-256 | 2d068bd5c36d3f9dd4eb851e353b34f0284a6efd67b392a3dc8c87051d4f5ad9
asb00-13.iis.htr.request
Posted Jul 1, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-13) - Microsoft has released a patch for two security vulnerabilities in Microsoft® Internet Information Server. The vulnerabilities could, respectively, be used to slow an affected web server's response or to obtain the source code of certain types of files under very restricted conditions. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users. Allaire recommends that customers follow the instructions posted on the Microsoft Web site to address this issue.

tags | web, vulnerability
SHA-256 | 1a58b773376c9c2c01005a1c0f9ed18b8211ed7b50a242a2cdbfafac6a359160
asb00-11.iis.imagemap
Posted Jul 1, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-11) - A procedure is available to eliminate a security vulnerability affecting several web server products. The vulnerability could potentially allow a malicious web site visitor to perform actions that the system permissions authorize him to perform, but which he previously may have had no means of actually carrying out. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users. Allaire recommends that customers follow the instructions posted on the Microsoft Web site to address this issue.

tags | web
SHA-256 | ead49691ad21715e0cc247f3d78fe35d2479b62c76bd26d3dc1a257cf8f8a048
asb00-08.iis.escaped
Posted Jul 1, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-08) - Microsoft has released a patch for a security vulnerability in Microsoft® Internet Information Server. The vulnerability could allow a malicious user to slow a web server's response or prevent it from providing service altogether for a period of time. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users. Allaire recommends that customers follow the instructions posted on the Microsoft Web site to address this issue.

tags | web
SHA-256 | ac68120bd491e52080e26865af69543e2ae53539643caf20528904d3ab4b9ff1
asb00-09.iis.linkview
Posted Jul 1, 2000
Site allaire.com

Allaire Security Bulletin (ASB00-09) - Microsoft has released a procedure to eliminate a security vulnerability that could allow a malicious user to cause a web server to crash, or potentially run arbitrary code on the server, if certain permissions have been changed from their default settings to inappropriate ones. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users. Allaire recommends that customers follow the instructions posted on the Microsoft Web site to address this issue.

tags | web, arbitrary
SHA-256 | d37d4eb5c51ea92c8c1526fd4f6f594f3d5a6e1b0bfd388cd9f32bae85d8ff8f
scx-sa-02.txt
Posted Apr 21, 2000
Authored by Zoa_Chien

Securax Security Advisory #2 - When Microsoft Windows Explorer parses a filename that contains over 129 chars in the extension, a buffer overflows, causing Explorer to crash. EIP is overwritten, so remote code execution is possible.

tags | exploit, remote, overflow, code execution
systems | windows
SHA-256 | ca0475e472c074311283c6e68eb2f2b3788eee8f4ebe7e4d9c81e5bfada79c23