Security 10941 Published by Philipp Esselbach 0

Thanks Clutch for this one:
Microsoft released today a tool called URLScan that could be a valuable security asset. It is an ISAPI filter (consequently, it will always run in process) that will analyze incoming requests and screen them according to a ruleset created by the administrator. This is the same kind of technology used by IISSecure created by eEye, which has proven to be an effective security tool. It would be ideal if a malformed or suspect URL never reached IIS for processing in the first place.

Download

.... Service to Fail

The RPC endpoint mapper allows RPC clients to determine the port number currently assigned to a particular RPC service. The Windows NT 4.0 endpoint mapper contains a flaw that causes it to fail upon receipt of a request that contains a particular type of malformed data.

Because the endpoint mapper runs within the RPC service itself, exploiting this vulnerability would cause the RPC service itself to fail, with the attendant loss of any RPC-based services the server offers, as well as potential loss of some COM functions. Normal service could be restored by rebooting the server.

Read more

A new Internet worm has emerged in China akin to the Code Red worm, which caused $2.4 billion in estimated cleanup costs on Internet-linked computers last month, a computer security expert said on Friday.

The Code Blue worm has similarities with the Code Red worm, which caused widespread problems, said a worker at the police-run Computer Virus Treatment Center in Tianjin, about 54 miles from Beijing.

Read more

Thanks Clutch for this one:

HFNetChk is a command-line tool that enables an administrator to check the patch status of all the machines in a network from a central location. The tool does this by referring to an XML database that's constantly updated by Microsoft. HFNetChk can be run on Windows NT 4.0 or Windows 2000 systems, and will scan either the local system or remote ones for patches available for the following products:

Windows NT 4.0
Windows 2000
All system services, including Internet Information Server 4.0 and 5.0
SQL Server 7.0 and 2000 (including Microsoft Data Engine)
Internet Explorer 5.01 and later

Read more

.... Global Address List

Among the functions Outlook Web Access (OWA) in Exchange 5.5 offers is the ability to search the global address list (GAL). By design, this is an authenticated function, implemented as a two-tier architecture - a front tier that provides a user interface and a back-end tier that actually performs the search. However, only the front tier actually checks authentication. An attacker who sent a properly formatted request to the back-end function that actually performs the search could enumerate the GAL without authenticating.

Read more

Thanks to CestLaVie for this one:

DSNS: an advanced network scanner for Windows 2000
When you're just starting out as a system administrator at a new network, sometimes you just want to know which machine runs which services. There aren't many better methods to do that than to run a portscan. DSNS is an advanced network scanner for Windows 2000 that will certainly aid you in this task.

Read more

Thanks to CestLaVie for this one:

Cache Corruption on Microsoft DNS Servers
Release Date: August 31, 2001

Systems Affected
Microsoft Windows NT 4.0 and Windows 2000 systems running Microsoft DNS Server

The CERT/CC has received reports from sites experiencing cache corruption on systems running Microsoft DNS Server. The default configuration of this software allows data from malicious or incorrectly configured servers to be cached in the DNS server. This corruption can result in erroneous DNS information later being returned to any clients which use this server.

Read more

The state attorney general has asked Qwest to give refunds to customers who lost high-speed Internet connections as a result of the Code Red computer worm attack, but the Denver-based Internet access provider is refusing.

Read more

... Can Cause System to Restart

Microsoft Windows 2000 provides support for infrared-based connectivity. This support is provided through protocols developed by the Infrared Data Association (IRDA). Because of this, they are often called IRDA devices. These devices can be used to share files and printers with other IRDA-device capable systems. The software which handles IRDA devices in Windows 2000 contains an unchecked buffer in the code which handles certain IRDA packets.

A security vulnerability results because it is possible for a malicious user to send a specially crafted IRDA packet to the victim's system. This could enable the attacker to conduct a buffer overflow attack and cause an access violation on the system, forcing a reboot. To the best of our knowledge, it cannot be used to run malicious code on the user's system.

Read more

Thanks to CestLaVie for this one:

A security hole in MSN Hotmail, Microsoft's Web-based e-mail service, allows any account holder to view other users' private messages, according to the hacker e-zine Root-Core Network. In a bulletin posted on the outfit's Web site Saturday, Root-Core members demonstrated how specially crafted uniform resource locators (URLs) could do an end-run around password security on the Hotmail servers.

Read more