Free falcove web vulnerability scanner penetration tool software for windows

Groovy Lava Screensaver Creator 2.0 is a program including some ActiveX controls that offers users limited functionality of Microsoft Office in a Web browser without requiring that the user install the full Microsoft Office application. This allows users to utilize Microsoft Office applications in situations where installation of the full application is infeasible or undesirable. The control contains three security vulnerabilities, each of which could be exploited either via a Web site or an HTML mail. They could allow an attacker to read any text that the user had copied or cut from within other applications, and provide an attacker with a way to read any desired file on the user's system; and the most serious of vulnerabilities could allow an attacker to run commands on the user's system.

IIS5 Malformed WebDAV Request Vulnerability Patch MS01-016 (3/08/01) is an update addressing the "Malformed WebDAV Request Can Cause IIS to Exhaust CPU Resources" security vulnerability in Internet Information Services (IIS) 5.0. It is discussed in Microsoft Security Bulletin MS01-016. Download now to prevent a malicious user from temporarily disrupting your Web services.

This vulnerability exists because Web distributed authoring and versioning (WebDAV) incorrectly processes specially malformed requests. (WebDAV is a component of IIS 5.0 that enables users to add and manage content on a Web server remotely.) If a malicious user sends a stream of specially malformed requests to an affected server, the Central Processing Unit (CPU) usage will significantly increase, disrupting Web services for as long as the stream of malformed requests continues.

Microsoft "Malformed Web Form Submission" Vulnerability Patch (IIS 5.0) MS00-100 is designed to be a useful program to remove a security vulnerability in a component that ships as part of Microsoft Internet Information Server. The vulnerability could potentially allow an attacker to prevent an affected Web server from providing useful service.

The FrontPage Server Extensions (FPSE) ship with and are installed by default as part of IIS 4.0 and 5.0. The most familiar FPSE functions allow Web site and content management; however, FPSE also provides browse-time support functions. Among the functions included in the latter category are ones that help process Web forms that have been submitted by a user. A vulnerability exists in one of these functions. If a malicious user levied a specially-malformed form submission to an affected server, it would cause the IIS service to fail. The vulnerability does not provide the opportunity to misuse any of the FPSE administrative or content management functions.

To resume normal operation on an IIS 4.0 server, the operator would need to restart the service. In contrast, if an IIS 5.0 server were attacked via this vulnerability, the IIS service would, by default, automatically restart almost immediately. Although any Web sessions that were in progress at the time of the attack would be lost, the server would be able to accept new connections as soon as the service was restarted. FPSE is installed by default as part of IIS 4.0 and 5.0, but, in keeping with best practices, Microsoft recommends that they be disabled if not needed.