denial of service vulnerability
Windows NT NNTP Denial of Service Vulnerability Patch MS01-043
Windows NT NNTP Denial of Service Vulnerability Patch has come as a smart tool to remove a denial of service vulnerability in Windows NT 4.0 computers more>>
Windows NT NNTP Denial of Service Vulnerability Patch MS01-043 has come as a smart tool to remove a denial of service vulnerability in Windows NT 4.0 computers running the Network News Transfer Protocol (NNTP) service. This denial of service vulnerability exists because the NNTP service in computers running Windows NT 4.0 contains a memory leak. If a malicious user sends a large amount of specially malformed data to an affected server, it can deplete the memory that is available to the server, which can cause the server to stop performing.
Windows 2000 NNTP Denial of Service Vulnerability Patch MS01-043
Windows 2000 NNTP Denial of Service Vulnerability Patch is developed to be a handy tool to remove a denial of service vulnerability in Windows 2000 computers running the Network News Transfer Protocol (NNTP) service. more>>
Windows 2000 NNTP Denial of Service Vulnerability Patch MS01-043 is developed to be a handy tool to remove a denial of service vulnerability in Windows 2000 computers running the Network News Transfer Protocol (NNTP) service. This denial of service vulnerability exists because the NNTP service in Windows 2000 contains a memory leak. If a malicious user sends a large amount of specially malformed data to an affected server, it can deplete the memory that is available to the server, which can cause the server to stop performing.
WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074)
WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074) is a professional and smart patch which eliminates a security vulnerability in Microsoft WebTV for Windows. more>>
WebTV Denial of Service Vulnerability Patch (Windows Me) (MS00-074) is a professional and smart patch which eliminates a security vulnerability in Microsoft WebTV for Windows.
There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer system running WebTV for Windows. Restarting the application and/or system will return the system to its normal state.
Although the WebTV for Windows application ships with Windows 98, 98SE, and Windows Me products, the application is not installed by default, and customers who have not installed it would are not at risk.
Microsoft Windows ME Security Patch: WebTV for Windows Denial of Service Vulnerability 10-11-00
There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer system running WebTV for more>>
Microsoft Windows 98/98SE Security Patch: WebTV for Windows Denial of Service Vulnerability 10-11-00
There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer system running WebTV for more>>
Personal Web Server File Access Vulnerability Patch (FrontPage 98)
Eliminate a vulnerability in your FrontPage Personal Web Server running on Windows 95/98. more>> <<less
Microsoft XML 2.0 Core Services Vulnerability Patch MS02-008
Microsoft XML 2.0 Core Services Vulnerability Patch MS02-008 is a patch dealing with Microsoft XML 2.0 Core Services Vulnerability. more>>
Microsoft XML 2.0 Core Services Vulnerability Patch MS02-008 is a patch dealing with Microsoft XML 2.0 Core Services Vulnerability. Microsoft XML Core Services (MSXML) includes the XMLHTTP ActiveX control, which allows web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT. The control provides security measures designed to restrict web pages so they can only use the control to request data from remote data sources.
A flaw exists in how the XMLHTTP control applies IE security zone settings to a redirected data stream returned in response to a request for data from a web site. A vulnerability results because an attacker could seek to exploit this flaw and specify a data source that is on the user's local system. The attacker could then use this to return information from the local system to the attacker's web site. An attacker would have to entice the user to a site under his control to exploit this vulnerability. It cannot be exploited by HTML email. In addition, the attacker would have to know the full path and file name of any file he would attempt to read. Finally, this vulnerability does not give an attacker any ability to add, change or delete data.
Microsoft XML 3.0 Core Services Vulnerability Patch MS02-008
Microsoft XML Core Services (MSXML) includes the XMLHTTP ActiveX control, which allows web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT more>>
Microsoft XML 3.0 Core Services Vulnerability Patch MS02-008 has come as a useful and essential patch which features the XMLHTTP ActiveX control, enabling web pages reading and rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT. The control provides security measures designed to restrict web pages so they can only use the control to request data from remote data sources.
A flaw exists in how the XMLHTTP control applies IE security zone settings to a redirected data stream returned in response to a request for data from a web site. A vulnerability results because an attacker could seek to exploit this flaw and specify a data source that is on the user's local system. The attacker could then use this to return information from the local system to the attacker's web site. An attacker would have to entice the user to a site under his control to exploit this vulnerability. It cannot be exploited by HTML email. In addition, the attacker would have to know the full path and file name of any file he would attempt to read. Finally, this vulnerability does not give an attacker any ability to add, change or delete data.
Microsoft XML 4.0 Core Services Vulnerability Patch MS02-008
Microsoft XML Core Services (MSXML) includes the XMLHTTP ActiveX control, which allows web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT more>>
Microsoft XML 4.0 Core Services Vulnerability Patch MS02-008 is launched as a useful and essential patch which features the XMLHTTP ActiveX control, enabling web pages rendering in the browser to send or receive XML data via HTTP operations such as POST, GET, and PUT. The control provides security measures designed to restrict web pages so they can only use the control to request data from remote data sources. A flaw exists in how the XMLHTTP control applies IE security zone settings to a redirected data stream returned in response to a request for data from a web site.
A vulnerability results because an attacker could seek to exploit this flaw and specify a data source that is on the user's local system. The attacker could then use this to return information from the local system to the attacker's web site. An attacker would have to entice the user to a site under his control to exploit this vulnerability. It cannot be exploited by HTML email. In addition, the attacker would have to know the full path and file name of any file he would attempt to read. Finally, this vulnerability does not give an attacker any ability to add, change or delete data.
Windows 2000 LPC Vulnerability Patch
Windows 2000 LPC Vulnerability Patch is a highly-efficient, high-quality patch which eliminates several security vulnerabilities that could allow a range of effects, from denial of service attacks to, in some cases, privilege elevation. more>>
Windows 2000 LPC Vulnerability Patch is a highly-efficient, high-quality patch which eliminates several security vulnerabilities that could allow a range of effects, from denial of service attacks to, in some cases, privilege elevation. Several vulnerabilities have been identified in the Windows NT 4.0 and Windows 2000 implementations of LPC and LPC ports:
- The Invalid LPC Request vulnerability, which affects only Windows NT 4.0. By levying an invalid LPC request, it would be possible to make the affected system fail.
- The LPC Memory Exhaustion vulnerability, which affects both Windows NT 4.0 and Windows 2000. By levying spurious LPC requests, it could be possible to increase the number of queued LPC messages to the point where kernel memory was depleted.
- The Predictable LPC Message Identifier vulnerability, which affects both Windows NT 4.0 and Windows 2000. Any process that knows the identifier of an LPC message can access it; however, the identifiers can be predicted. In the simplest case, a malicious user could access other process LPC ports and feed them random data as a denial of service attack. In the worst case, it could be possible, under certain conditions, to send bogus requests to a privileged process in order to gain additional local privileges.
- A new variant of the previously-reported Spoofed LPC Port Request vulnerability. This vulnerability affects Windows NT 4.0 and Windows 2000, and could, under a very restricted set of conditions, allow a malicious user to create a process that would run under the security context of an already-running process, potentially including System processes.
Windows Vulnerability Scanner 1.39
Windows Vulnerability Scanner is a helpful and convenient-to-use program that makes it quick and easy to check your system for Windows Vulnerabilities. It guides you to update with the right patch to make your system secure. more>> <<less
Windows 2000 Telnet Server Flooding Vulnerability Patch
Windows 2000 Telnet Server Flooding Vulnerability Patch is a simple and salutary vulnerability which has been discovered in the Telnet Server that ships with Microsoft Windows 2000. more>>
Windows 2000 Telnet Server Flooding Vulnerability Patch is a simple and salutary vulnerability which has been discovered in the Telnet Server that ships with Microsoft Windows 2000.
The denial of service can occur when a malicious client sends a particular malformed string to the server. Although the Telnet service is provided as part of Windows 2000 products, the service is not enabled by default, and customers who have not enabled it would not be at risk. Even in affected systems, the effect of the vulnerability is limited to Telnet itself there is no capability to cause other services to fail, or to cause Windows 2000 to fail. Telnet services could be restored after an attack by restarting the Telnet Server.
Microsoft has released this patch to eliminate this security vulnerability.
Windows Phone Book Service Buffer Overflow Vulnerability Patch 1.0
Windows Phone Book Service Buffer Overflow Vulnerability Patch is developed to be a helpful program to remove a security vulnerability in an optional service more>>
Windows Phone Book Service Buffer Overflow Vulnerability Patch 1.0 is developed to be a helpful program to remove a security vulnerability in an optional service that ships with Windows 2000 Servers. The vulnerability could allow a malicious user to execute hostile code on a remote server that is running the service.
Microsoft Windows 2000 Patch: Denial Of Service At
Among the components provided by Services for Unix (SFU) 2.0 are services that implement the NFS (Network File System) and Telnet protocols more>> Among the components provided by Services for Unix (SFU) 2.0 are services that implement the NFS (Network File System) and Telnet protocols. Both services contain memory leaks that could be triggered by a user request. Download now to prevent an attacker deliberately sending such requests in order to deplete kernel memory and prevent the server from performing useful service.<<less
Microsoft SQL Server 7.0 DTS Password Vulnerability Patch N/A
Microsoft SQL Server 7.0 DTS Password Vulnerability Patch N/A is a reliable and useful live update Patch which eliminates a security vulnerability in the Data Transformation Services component in Microsoft SQL Server 7.0 that could compromise passwords. more>>
Microsoft SQL Server 7.0 DTS Password Vulnerability Patch N/A is a reliable and useful live update Patch which eliminates a security vulnerability in the Data Transformation Services component in Microsoft SQL Server 7.0 that could compromise passwords.
