Computer Security

Search:Vulnerability:13.10.2004
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Windows 2003 server services weak permissions
Published:13.10.2004
Source:BUGTRAQ
SecurityVulns ID:4081
Type:local
Level:4/10
Description:Permissions for distributed Link tracking Server and Internet Connection Firewall Service allow control by unprivileged users.
Affected:MICROSOFT : Windows 2003 Server
Original documentdocumentZiots, Edward, Insecure Default Service DACL's in Windows 2003 (13.10.2004)
Discuss:Read or add your comments to this news (0 comments)

Multiple Microsoft Windows NT RPC bugs
Published:13.10.2004
Source:MICROSOFT
SecurityVulns ID:4082
Type:remote
Level:5/10
Affected:MICROSOFT : Windows NT Server 4.0
Original documentdocumentBINDVIEW, [VulnWatch] BindView Advisory: Memory Leak and DoS in NT4 RPC server (13.10.2004)
 documentMICROSOFT, Microsoft Security Bulletin MS04-029 Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) (13.10.2004)
Files:Microsoft Security Bulletin MS04-029 Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350)
Discuss:Read or add your comments to this news (0 comments)

Microsoft WebDAV XML DoS
Published:13.10.2004
Source:MICROSOFT
SecurityVulns ID:4083
Type:remote
Level:6/10
Description:Large number of attributes in requests causes resource exhaustion.
Affected:MICROSOFT : Internet Information Server 5.0
 MICROSOFT : Internet Information Server 5.1
 MICROSOFT : Internet Information Server 6.0
Original documentdocumentAmit Klein (AKsecurity), Microsoft IIS 5.x/6.0 WebDAV (XML parser) attribute blowup DoS (13.10.2004)
 documentMICROSOFT, Microsoft Security Bulletin MS04-030 Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151) (13.10.2004)
Files:Microsoft Security Bulletin MS04-030 Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151)
Discuss:Read or add your comments to this news (0 comments)

ASN.1 compiler multiple bugs
Published:13.10.2004
Source:SECUNIA
SecurityVulns ID:4092
Type:library
Level:5/10
Affected:LIONET : ASN.1 Compiler 0.9
Original documentdocumentSECUNIA, [SA12794] The ASN.1 Compiler Unspecified Security Issues (13.10.2004)
Discuss:Read or add your comments to this news (0 comments)

RIM Blackberry buffer overflow
Published:13.10.2004
Source:FULL-DISCLOSURE
SecurityVulns ID:4093
Type:remote
Level:5/10
Description:Buffer overflow during meetings synchronization with Microsoft Exchange.
Affected:RIM : Blackberry 7230
Original documentdocumentvuln_(at)_hexview.com, [Full-Disclosure] [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss (13.10.2004)
Discuss:Read or add your comments to this news (0 comments)

Windows SMTP service buffer overflow
Published:13.10.2004
Source:MICROSOFT
SecurityVulns ID:4088
Type:remote
Level:6/10
Description:Buffer overflows during preconfigured DNS server reply analisys.
Affected:MICROSOFT : Windows 2003 Server
 MICROSOFT : Exchange 2003
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS04-035 Vulnerability in SMTP Could Allow Remote Code Execution (885881) (13.10.2004)
Files:Microsoft Security Bulletin MS04-035 Vulnerability in SMTP Could Allow Remote Code Execution (885881)
Discuss:Read or add your comments to this news (0 comments)

Microsoft NNTP code execution
Published:13.10.2004
Source:MICROSOFT
SecurityVulns ID:4089
Type:remote
Level:8/10
Description:Multiple bugs during XPAT command parsing.
Affected:MICROSOFT : Windows NT 4.0 Server
 MICROSOFT : Windows 2000 Server
 MICROSOFT : Exchange 2000
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Exchange 2003
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities (13.10.2004)
 documentMICROSOFT, Microsoft Security Bulletin MS04-036 Vulnerability in NNTP Could Allow Remote Code Execution (883935) (13.10.2004)
Files:Microsoft Security Bulletin MS04-036 Vulnerability in NNTP Could Allow Remote Code Execution (883935)
Discuss:Read or add your comments to this news (0 comments)

Windows Shell buffer overflow
Published:13.10.2004
Source:MICROSOFT
SecurityVulns ID:4090
Type:remote
Level:6/10
Affected:MICROSOFT : Windows NT 4.0 Server
 MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS04-037 Vulnerability in Windows Shell Could Allow Remote Code Execution (841356) (13.10.2004)
Files:Microsoft Security Bulletin MS04-037 Vulnerability in Windows Shell Could Allow Remote Code Execution (841356)
Discuss:Read or add your comments to this news (0 comments)

Microsoft Excel code execution
updated since 13.10.2004
Published:14.10.2004
Source:MICROSOFT
SecurityVulns ID:4086
Type:client
Level:5/10
Description:Buffer overflow on oversized strings copying.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
Original documentdocumentBrett Moore, [Full-Disclosure] Buffer Overflow In Microsoft Excel (14.10.2004)
 documentMICROSOFT, Microsoft Security Bulletin MS04-033 Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836) (13.10.2004)
Files:Microsoft Security Bulletin MS04-033 Vulnerability in Microsoft Excel Could Allow Remote Code Execution (886836)
Discuss:Read or add your comments to this news (0 comments)

Microsoft Windows multiple bugs
updated since 13.10.2004
Published:22.10.2004
Source:MICROSOFT
SecurityVulns ID:4085
Type:client
Level:8/10
Description:Windows management API privilege escalation with SetWindowLong()/SetWindowLongPtr() shatter attack, Virtual DOS Machine privilege escalation, EMF/WMF files code execution, DoS.
Affected:MICROSOFT : Windows NT 4.0 Server
 MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumenthouseofdabus HOD, [EXPL] (MS04-032) Microsoft Windows XP Metafile (.emf) Heap Overflow (PoC) (22.10.2004)
 documentBrett Moore, SetWindowLong Shatter Attacks (14.10.2004)
 documentEEYE, [Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation (13.10.2004)
 documentMICROSOFT, Microsoft Security Bulletin MS04-032 Security Update for Microsoft Windows (840987) (13.10.2004)
Files:(MS04-032) Microsoft Windows XP Metafile (.emf) Heap Overflow
 Microsoft Security Bulletin MS04-032 Security Update for Microsoft Windows (840987)
Discuss:Read or add your comments to this news (0 comments)

Multiple Internet Explorer bugs
updated since 13.10.2004
Published:20.01.2005
Source:MICROSOFT
SecurityVulns ID:4091
Type:client
Level:9/10
Description:CSS buffer overflow, local zone scripting, buffer overflow in Install Engine, writing file to any location with drag and drop or scripting in <img> tag, address bar spoofing, SSL crossite scripting.
Affected:MICROSOFT : Internet Explorer 5.5
 MICROSOFT : Internet Explorer 6.0
Original documentdocumentNGSSoftware Insight Security Research, Microsoft Internet Explorer Install Engine Control Buffer Overflow (#NISR19012005a) (20.01.2005)
 documentNGSSoftware Insight Security Research, MSN Heartbeat Control Buffer Overflow (20.01.2005)
 documentCERT, US-CERT Technical Cyber Security Alert TA04-293A -- Multiple Vulnerabilities in Microsoft Internet Explorer (22.10.2004)
 documentNGSSoftware Insight Security Research Advisory (NISR), MSN Gaming Heartbeat Component Buffer Overflow (15.10.2004)
 documentACROS Security, ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer (13.10.2004)
 documentNGSSoftware Insight Security Research Advisory (NISR), Microsoft Internet Explorer Install Engine Control Buffer Overflow (13.10.2004)
 documentMICROSOFT, Microsoft Security Bulletin MS04-038 Cumulative Security Update for Internet Explorer (834707) (13.10.2004)
Files:Buffer Overflow In Internet Explorer CSS Parsing (mshtml.dll) exploit
 Microsoft Security Bulletin MS04-038 Cumulative Security Update for Internet Explorer (834707)
Discuss:Read or add your comments to this news (0 comments)

Microsoft Windows NetDDE buffer overflow
updated since 13.10.2004
Published:22.01.2005
Source:MICROSOFT
SecurityVulns ID:4084
Type:remote
Level:7/10
Affected:MICROSOFT : Windows NT 4.0 Server
 MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentNGSSoftware Insight Security Research, [VulnWatch] Microsoft NetDDE Service Unauthenticated Remote Buffer Overflow (22.01.2005)
 documentSinan Eren, ms04-031 pre-auth ?? (18.10.2004)
 documentMICROSOFT, Microsoft Security Bulletin MS04-031 (13.10.2004)
Files:(MS04-031) NetDDE buffer overflow vulnerability PoC
 Microsoft Security Bulletin MS04-031 Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
Discuss:Read or add your comments to this news (0 comments)

Windows ZIP folders buffer overflow
updated since 13.10.2004
Published:10.04.2009
Source:MICROSOFT
SecurityVulns ID:4087
Type:library
Level:5/10
Description:Integer overflow in DynaZip (DUNZIP32.DLL) library on oversized filename in archive.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 IBM : Lotus Notes 6.5
 CHECKMARK : MultiLedger 6.0
 INNERMEDIA : DynaZip 3.0
 INNERMEDIA : DynaZip 4.0
 INNERMEDIA : DynaZip 5.0
 MCAFEE : VirusScan 10.0
 DTSEARCH : dtSearch 7.10
 HP : OpenView Performance Agent C.04.60
 HP : OpenView Performance Agent C.04.70
 HP : OpenView Performance Agent C.04.72
CVE:CVE-2008-4420 (Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to execute arbitrary code via a long filename in a ZIP archive during a (1) Fix (aka Repair), (2) Add, (3) Update, or (4) Freshen action, a related issue to CVE-2006-3985.)
Original documentdocumentHP, [security bulletin] HPSBMA02396 SSRT080175 rev.1 - HP OpenView Performance Agent and HP Performance Agent Running on Windows, Remote Execution of Arbitrary Code (10.04.2009)
 documentJuha-Matti Laurio, IBM Lotus Notes DUNZIP32.dll Buffer Overflow Vulnerability (07.09.2006)
 documentJuha-Matti Laurio, McAfee VirusScan DUNZIP32.dll Buffer Overflow Vulnerability (30.03.2006)
 documentJuha-Matti Laurio, dtSearch DUNZIP32.dll Buffer Overflow Vulnerability (21.12.2005)
 documentSECURITEAM, [NT] CheckMark MultiLedger Buffer Overflow Vulnerability (DUNZIP32.dll) (31.10.2005)
 documentEEYE, [Full-Disclosure] EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability (13.10.2004)
 documentMICROSOFT, Microsoft Security Bulletin MS04-034 Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376) (13.10.2004)
Files:Microsoft Windows Vulnerability in Compressed (zipped) Folders (MS04-034) exploit
 Microsoft Security Bulletin MS04-034 Vulnerability in Compressed (zipped) Folders Could Allow Remote Code Execution (873376)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server