Free buffer overflow software for windows

Windows Phone Book Service Buffer Overflow Vulnerability Patch 1.0 is developed to be a helpful program to remove a security vulnerability in an optional service that ships with Windows 2000 Servers. The vulnerability could allow a malicious user to execute hostile code on a remote server that is running the service.

Windows 2000 HyperTerminal Buffer Overflow Vulnerability Patch May 25, 2001 is an update to resolve the 'HyperTerminal Buffer Overflow' security vulnerability in Windows 2000. If you receive and open an HTML e-mail message that contains a particularly malformed Web address (URL), the URL can be used to exploit this vulnerability and run arbitrary code on your computer.

The HyperTerminal application is a utility that installs, by default, on all versions of Windows 98, 98SE, Windows ME, Windows NT, and Windows 2000. The product contains an unchecked buffer in a section of the code that processes Telnet URLs. If a user opened an HTML mail that contained a particularly malformed Telnet URL, it would result in a buffer overrun that could enable the creator of the mail to cause arbitrary code to run on the user?s system. HyperTerminal is the default Telnet client on Windows 98, 98SE and ME. However, it is not the default Telnet client on Windows 2000, and Windows 2000 users who have not taken steps to make it the default Telnet client would not be affected by the vulnerability. (Windows NT4.0 is not affected by this vulnerability. The HyperTerminal client that ships with Windows NT4 does not include a TCP/IP connection method. As such, the NT4 HyperTerminal client cannot be setup as the default telnet client, and would not launch in response to a supplied Telnet URL.)

The HyperTerminal application is a utility that installs, by default, on all versions of Windows 98, 98SE, Windows ME, Windows NT, and Windows 2000. The product contains an unchecked buffer in a section of the code that processes Telnet URLs. If a user opened an HTML mail that contained a particularly malformed Telnet URL, it would result in a buffer overrun that could enable the creator of the mail to cause arbitrary code to run on the user?s system. HyperTerminal is the default Telnet client on Windows 98, 98SE and ME. However, it is not the default Telnet client on Windows 2000, and Windows 2000 users who have not taken steps to make it the default Telnet client would not be affected by the vulnerability. (Windows NT4.0 is not affected by this vulnerability. The HyperTerminal client that ships with Windows NT4 does not include a TCP/IP connection method. As such, the NT4 HyperTerminal client cannot be setup as the default telnet client, and would not launch in response to a supplied Telnet URL.)

ASF Buffer Fix - change values and fix ASF Buffer problems If you often run ASF/WMV files through Windows Media Stream Editor (to fix files that wont seek, remove extra streams, etc.), you may have seen this error message: "The video buffer setting is not valid".
ASF Buffer Fix is a simple tool designed to change a few values in the file headers to fix this problem. This is done in-place (without writing a new copy of the file) and is very quick.
System requirements:
- NET Framework 2.0

Buffer Overrun in MDAC Function Could Allow Code Execution (832483) 1.0 is an advanced program which satisfies you with a collection of components that provides the underlying functionality for a number of database operations, such as connecting to remote databases and returning data to a client.

When a client system on a network tries to see a list of computers that are running SQL Server and that reside on the network, it sends a broadcast request to all the devices that are on the network. Because of a vulnerability in a specific MDAC component, an attacker could respond to this request with a specially-crafted packet that could cause a buffer overflow.

An attacker who successfully exploited this vulnerability could gain the same level of privileges over the system as the program that initiated the broadcast request. The actions an attacker could carry out would be dependent on the permissions under which the program using MDAC ran. If the program ran with limited privileges, an attacker would be limited accordingly; however, if the program ran under the local system context, the attacker would have the same level of permissions.

Since the original version of MDAC on your system may have changed from updates available on the Microsoft Web site, recommend using the following tool to determine the version of MDAC you have on your system: Microsoft Knowledge Base article 301202 "HOW TO: Check for MDAC Version" discusses this tool and explains how to use it. Also, Microsoft Knowledge Base article 231943 discusses the release history of the different versions of MDAC.

Mitigating factors:

1. For an attack to be successful an attacker would have to simulate a SQL server that is on the same IP subnet as the target system.
2. When a client system on a network tries to see a list of computers that are running SQL Server and that reside on the network, it sends a broadcast request to all the devices that are on the network. A target system must initiate such a broadcast request to be vulnerable to an attack. An attacker would have no way of launching this first step but would have to wait for anyone to enumerate computers that are running SQL Server on the same subnet. Also, a system is not vulnerable by having these SQL management tools installed.
3. Code executed on the client system would only run under the privileges of the client program that made the broadcast request.