remote code execution
Vulnerability in Microsoft Internet Security and Acceleration Server 2000 H.323 Filter Could Allow Remote Code Execution (816458) 1.0
Vulnerability in Microsoft Internet Security and Acceleration Server 2000 H.323 Filter Could Allow Remote Code Execution (816458) is created to allow an attacker to overflow a buffer in the Microsoft Firewall Service in Microsoft Internet Security and Acceleration Server 2000. more>>
Vulnerability in Microsoft Internet Security and Acceleration Server 2000 H.323 Filter Could Allow Remote Code Execution (816458) 1.0 is created to allow an attacker to overflow a buffer in the Microsoft Firewall Service in Microsoft Internet Security and Acceleration Server 2000. An attacker who successfully exploited this vulnerability could try to run code of their choice in the security context of the Microsoft Firewall Service. This would give the attacker complete control over the system.
The H.323 filter is enabled by default on servers running ISA Server 2000 computers that are installed in integrated or firewall mode.
Mitigating factors:
- ISA Servers running in cache mode are not vulnerable because the Microsoft Firewall Service is disabled by default
- Users can prevent the risk of attack by disabling the H.323 filter
Remote Desktop Enabler 2.0
Remote Desktop Enabler allows to enable the remote desktop feature of Windows XP/2000/2003 - Remotely more>>
Remote Desktop Manager 5.5.0.0
Remote Desktop Manager is a small application used to manage all your remote connections and virtual machine. Add, edit, delete, organize or find your remote connection quickly. more>> <<less
Remote Desktop Manager is an application used to manage all your remote connections. Add, edit ... find your remote connection quickly. Remote Desktop Manager 5.0.2.0 - Devolutions incLicense:Freeware
Remote Restart 2.0
Simplest way to remotely shutdown computers. Does not require anything to be installed on the remote computer or server. more>>
USB Remote Drive Disabler 2.0
USB Remote Drive Disabler more>> Allows you to easily enable or disable USB drives on your Windows 2000, 2003, or XP systems - across your LAN<<less
EMCO Remote Registry Exporter 1.25.3
Sometimes you need to collect information about different registry keys and their values for different programs installed on your machines. Manually o... more>> <<less
Floppy Remote Drive Disabler 2.0
Disable Floppy Drives - Remotely more>> Allows you to easily enable or disable floppy drives on your Windows 2000, 2003, or XP systems - across your LAN<<less
Remote Control Manager 1.4.13
Remote Control Manager offers you a great tool which can manage all network devices in one central system that is accessible by all technical support help desk staff. more>> <<less
Carl Green - Remote Control Manager is designed to be a complete solution forLicense:Freeware
Buffer Overrun in MDAC Function Could Allow Code Execution (832483) 1.0
Buffer Overrun in MDAC Function Could Allow Code Execution (832483) is an advanced program which satisfies you with a collection of components that provides the underlying functionality for a number of database operations, such as connecting to remote databases and returning data to a client. more>>
Buffer Overrun in MDAC Function Could Allow Code Execution (832483) 1.0 is an advanced program which satisfies you with a collection of components that provides the underlying functionality for a number of database operations, such as connecting to remote databases and returning data to a client.
When a client system on a network tries to see a list of computers that are running SQL Server and that reside on the network, it sends a broadcast request to all the devices that are on the network. Because of a vulnerability in a specific MDAC component, an attacker could respond to this request with a specially-crafted packet that could cause a buffer overflow.
An attacker who successfully exploited this vulnerability could gain the same level of privileges over the system as the program that initiated the broadcast request. The actions an attacker could carry out would be dependent on the permissions under which the program using MDAC ran. If the program ran with limited privileges, an attacker would be limited accordingly; however, if the program ran under the local system context, the attacker would have the same level of permissions.
Since the original version of MDAC on your system may have changed from updates available on the Microsoft Web site, recommend using the following tool to determine the version of MDAC you have on your system: Microsoft Knowledge Base article 301202 "HOW TO: Check for MDAC Version" discusses this tool and explains how to use it. Also, Microsoft Knowledge Base article 231943 discusses the release history of the different versions of MDAC.
Mitigating factors:
- For an attack to be successful an attacker would have to simulate a SQL server that is on the same IP subnet as the target system.
- When a client system on a network tries to see a list of computers that are running SQL Server and that reside on the network, it sends a broadcast request to all the devices that are on the network. A target system must initiate such a broadcast request to be vulnerable to an attack. An attacker would have no way of launching this first step but would have to wait for anyone to enumerate computers that are running SQL Server on the same subnet. Also, a system is not vulnerable by having these SQL management tools installed.
- Code executed on the client system would only run under the privileges of the client program that made the broadcast request.
Microsoft Chat Unchecked Buffer in MSN Chat Control Can Lead to Code Execution 4.2
Microsoft Chat Unchecked Buffer in MSN Chat Control Can Lead to Code Execution is regarded as a convenient as well as useful tool which is available for direct download and ships with MSN Messenger and Exchange Instant Messenger. more>>
Microsoft Chat Unchecked Buffer in MSN Chat Control Can Lead to Code Execution 4.2 is regarded as a convenient as well as useful tool which is available for direct download and ships with MSN Messenger and Exchange Instant Messenger.
- Impact of vulnerability: Run Code of Attacker's Choice
- Maximum Severity Rating: Critical
- Recommendation: Customers who did not install the updates when they were originally released should install the upgraded updates immediately; customers who installed the original updates should consider installing the upgraded updates.
Affected Software:
- Microsoft MSN Chat Control
- Microsoft MSN Messenger 4.5 and 4.6, which includes the MSN Chat control
- Microsoft Exchange Instant Messenger 4.5 and 4.6, which includes the MSN Chat control
Requirements:
- Windows NT 4 SP 6
- Windows 2003 SP 1
- Windows XP AMD 64-bit
- Windows XP 64-bit SP 1
- Windows NT 4 SP 2
- Windows 2000 SP 1
- Windows 2003 64-bit
- Windows 2003 AMD 64-bit
- Windows XP 64-bit SP 2
- Windows NT 4 SP 3
- Windows 2000 SP 2
- Windows Server 2003 x64 R2
- Windows 2000
- Windows 2003 64-bit SP 1
- Windows Vista AMD 64-bit
- Windows XP Itanium 64-bit
- Windows NT 4 SP 4
- Windows 2000 SP 3
- Windows NT 4
- Windows XP 32-bit
- Windows XP SP 1
- Windows Server 2003 x86 R2
- Windows ME
- Windows 2003 Itanium 64-bit
- Windows NT 4 SP 5
- Windows 2000 SP 4
- Windows Vista 32-bit
- Windows XP 64-bit
- Windows NT 4 SP 1
- Windows Server 2008 x64
- Windows NT 3
- Windows Server 2008 x86
- Windows XP
- Windows Server 2008
- Windows 2003
- Windows Vista Itanium 64-bit
- Windows XP Itanium 64-bit SP 1
- Windows 2003 32-bit
- Windows XP Itanium 64-bit SP 2
- Windows XP SP 2
- Windows 95
- Windows 98
- Windows Vista
- Windows NT
- Windows 2003 Itanium 64-bit SP 1
- Windows XP Pro
Microsoft Internet Explorer HTML Help File Code Execution Vulnerability patch 6-8-2000
Microsoft has released a patch that eliminates a security vulnerability in the HTML Help facility that ships with Microsoft® Internet Explorer. Under certain conditions,the vulnerability could allow more>> <<less
Microsoft WMF Security Patch
Security update from Microsoft to fix a remote code execution security issue more>>
BySoft Internet Remote Control 2.6.4.599
BySoft Internet Remote Control 2.6 enables remote monitoring and control of a DialUp connection. It also enables message communication between connected users and remote program execution on the server. more>> <<less
BySoft Internet Remote Control 2.6 enables remote ... It also enables message communication between connected users and remote program executionLicense:Freeware
License:Freeware
License:Freeware
BySoft - BySoft Internet Remote Control 2.6 enables remotemini iTunes Remote 1.0
mini iTunes Remote is the eighth Widget in the mini Widget series more>>
mini iTunes Remote is a complete redesign and coding effort of the iTunes Remote that ships with Konfabulator. This version features a compact design, the ability to change your ratings, and and set your iChat status to your current playing track.
This release of mini iTunes Remote is the first in a series of different appearances.
Now with Cross-platform goodness!
Microsoft Security Bulletin MS03-043 828035
Buffer Overrun in Could Allow Code Execution more>> A security vulnerability exists in the Messenger Service that could allow arbitrary code execution on an affected system. The vulnerability results because the Messenger Service does not properly validate the length of a message before passing it to the allocated buffer.
An attacker who successfully exploited this vulnerability could be able to run code with Local System privileges on an affected system, or could cause the Messenger Service to fail. The attacker could then take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges.
<<less
