exploits , vulnerabilities , articles , Microsoft Windows 2000 Resource Kit W3Who.DLL Multiple Remote Vulnerabilities

Title	Microsoft Windows 2000 Resource Kit W3Who.DLL Multiple Remote Vulnerabilities
Published	2004-12-06-12:00AM
Updated	2005-01-11-07:46PM
Class	Boundary Condition Error
CVE	CAN-2004-1133 CAN-2004-1134
Remote	Yes
Local	No
Credit	Nicolas Gregoire <ngregoire@exaprobe.com> is credited with the discovery of this issue.
Vulnerable	Microsoft w3who.dll Microsoft Windows 2000 Resource Kit
Not Vulnerable
Code	The following proof of concept exploits have been made available: XSS vulnerability when displaying HTTP headers : Connection: keep-alive<script>alert("Hello")</script> XSS vulnerability in error message : http://www.example.com/scripts/w3who.dll?bogus=<script>alert("Hello")</script> Buffer overflow when called with long parameters : http://www.example.com/scripts/w3who.dll?AAAAAAAAA...[519 to 12571]....AAAAAAAAAAAAA An exploit for the w3who.dll buffer overflow has been released as part of the MetaSploit Framework 2.3. /data/vulnerabilities/exploits/iis_w3who_overflow.pm
TXT

Vulnerabilities - newest 10 RSS | More

2009-01-09 MODx Prior to 0.9.6.3 Multiple Cross Site Scripting Vulnerabilities
2009-01-09 Check Point SecurePlatform Unspecified Remote Security Vulnerability
2009-01-09 Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
2009-01-09 NetGear WG102 SNMP Write Community String Information Disclosure Vulnerability
2009-01-09 Serv-U Remote Denial of Service Vulnerabilities
2009-01-09 QuoteBook Information Disclosure, SQL Injection and HTML Injection Vulnerabilities
2009-01-08 Oracle January 2009 Oracle Critical Patch Update Pre-Release Announcement Multiple Vulnerabilities
2009-01-08 Microsoft January 2009 Advance Notification Multiple Vulnerabilities
2009-01-08 IBM WebSphere DataPower XML Security Gateway XS40 Remote Denial Of Service Vulnerability
2009-01-08 Drupal Project Release Module Multiple Remote Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Sat, 10 Jan 2009 03:47:51 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
Sex vidiyo php-nuke 2 Woltlab Li Thisha sex sania merz news for c catalina p www.sex.tv WMA conver php-nuke 2 www.1982dy remote r00 Solaris ma Sexiphoto. al7ejaz pakistanse Sexi aks www.sscres allinurl:n mallumasal free fukin kannada baaliwoods fottboll WWW.ANIMAL search/exp ArticleBea 234 sh0ut cast www.94fb.c php-nuke 2 sex emage www.sexy w klip Www.fun4mo Cobalt Wwfnude-gi vunessa hu fox2010 .dot Porn Video %2Fsearch% 200 %2Fmod window car 91bgo.com news for C www.oldiez www.8938.o SexPicture 200 %2Fmod