Vulnerabilities and Exploits
Glossary of Vulnerability Testing Terminology (link)
CERT Coordination Center Papers
- JPEG exploit variant: creation and use, by Andrey Bayora
- Hotmail & Passport (.NET Accounts) Vulnerability, by Muhammad Faisal Rauf Danka
- The Anatomy of Cross Site Scripting, by Gavin Zuchlinski
- XSS: Cross site scripting, detection and prevention, by Michael Hendrickx
- Vulnerabilities in your code (pdf)
- Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade (pdf)
- How Outlook 2002 can still execute JavaScript in an HTML email message
- Fingerprinting Port 80 Attacks: A look into web server and web application attack signatures
- Fingerprinting Port 80 Attacks: A look into web server and web application attack signatures (2)
- Executing arbitrary commands without Active Scripting or ActiveX, by GreyMagic Software
- Default installation of Internet Explorer 5.5 and 6.0 still allows execution of files on default installations of the target computer
- Extended HTML Form Attack (link), by Eye on Security
- HTML Form Protocol Attack (link), by Jochen Topf
- URL2DWORD: a program to convert URLs to DWORD
- Internet Explorer Pop-Up OBJECT Tag Bug (Revision 2), by the Pull (link)
- Malicious HTML Tags Embedded in Client Web Requests (link)
- HTML Form Protocol Attack
- CodeRedII Worm Analysis
- MS Internet Explorer + Office XP Full Disclosure Exploit
- Cross-site scripting holes in Yahoo and Hotmail make it possible to replicate a Melissa-type worm through those webmail services (link)
- Error Handling Exploitation: Cookie Security. A White Paper (link)
- Hijacking the Web: Cookie Security (link)
- Test Your System for the Infamous IIS Security Holes
- Cuartango IE 5x Exploit (link)
- Cuartango Exploit
- Guninski: XML scripting in IE, Outlook Express
- Guninski: Double clicking on innocent-looking files may be dangerous
- Guninski: Security bugs in interactions between IE 5.x, IIS 5.0 and Exchange 2000
- Eudora Silent Delivery and Installation of Executables
- Encapsulating an EXE in a VB Script (creation tool)
- HTML.dropper vulnerability allows creation of emails that contain hidden attachments
- Georgi Guninski: [NT] OBJECT TYPE="text/html" vulnerability in IE 5.5 allows arbitrary command execution
- Georgi Guninski security advisory #27: There is a security vulnerability in IE 5.x, Outlook, and Outlook Express which allows searching for files with a specific name (wildcards are allowed) or content. Combined with other local file reading vulnerabilities, this allows attackers to search for and retrieve any file on a user's drive.
- Malicious programs that may be planted inside PIF files
- Romeo and Juliet Worm
- iHTML Merchant Vulnerability
- IE vulnerability allows execution of arbitrary programs (.chm files and temporary file folder)
- IE/Outlook Java security vulnerability exposes local files
- Evil HTML / Godmessage
- IE 5.5/Outlook security vulnerability: com.ms.activeX.ActiveXComponent allows executing arbitrary programs
- Double clicking on Office documents may execute arbitrary programs (DLL)
- Exploiting File and Print Sharing, by Ghost_Rider
- ICQ Greeting Card vulnerability
- CERT Advisory CA-2000-12: HHCtrl ActiveX Control Allows Local Files to be Executed
- Serious Microsoft File Association Bug
- Create a shadow directory of the real one with trojan versions of the same files
- Relative Registry Paths May Allow Trojans to Run
- Prevent Cross-Site Scripting Security Issues
- Cross Site Scripting, by Microsoft
- IIS 5.0 cross site scripting vulnerability
- Internet Explorer 5.0 under Windows 95/98 (not known for NT) allows executing arbitrary programs on the local machine by creating and overwriting local files and putting content in them
- IE executes arbitrary files through Microsoft Network
- 32% of SSL Servers are insecure, by Eric Murray
- Brown Orifice Netscape exploit is vulnerable itself
- Force Feeding files to Internet Explorer
- Force Feeding files to Internet Explorer 2
- Silent delivery and installation of an executable on a target computer
- Some email viruses spread WITHOUT opening the attachment
- Disable Active Scripting and ActiveX Controls
- IRIX Exploits
- Outlook "Cache Bypass" vulnerability (patch available)
- Gatekeeper Exploit Code
- RDS/IIS 4.0 Vulnerability and exploit, by Rain Forest Puppy
- NT Bugs (IIS Hack)
- Remotely Exploitable Buffer Overflow in Outlook "Malformed E-mail MIME Header" Vulnerability, by USSR
- Win32 Buffer Overflows, by dark spyrit AKA Barnaby Jack
- How to write Buffer Overflows
- Two new Big Brother vulnerabilities
- IE 5.5 local text file reading vulnerability (DHTMLED)
- Elza is a script language which doubles as a unique attack tool. It allows you to write simple scripts that mimic HTTP clients and can be used to test the security of HTTP servers.
- klogin remote exploit code
- MDBMS remote exploit code
- Patch Available for the "Frame Domain Verification", "Unauthorized Cookie Access", and "Malformed Component Attribute" Vulnerabilities
- Microsoft Office 2000 UA ActiveX Control Incorrectly Marked "Safe for Scripting"
- Timbuktu Pro exploit code
- Eudora Pro and Outlook vulnerable to long filename vulnerability
- Tools