- •Установка дистрибутива BackTrack
- •Настройка сети
- •Установка сканера Nessus
- •Сканирование машины Oracle
- •Список уязвимостей
- •Vulnerability in Server Service Could Allow Remote Code Execution (917159)
- •Microsoft Windows smb Vulnerabilities Remote Code Execution (958687)
- •Microsoft Windows Server Service Crafted rpc Request Handling Remote Code Execution (958644)
- •Vulnerability in Server Service Could Allow Remote Code Execution (921883)
- •Пример удачного выполнения эксплойта
- •Уязвимые приложения
- •Vulnerability in Microsoft sql Server Could Allow Remote Code Execution (959420)
- •Microsoft sql Server 2000 'sqlvdir.Dll' ActiveX Buffer Overflow Vulnerability
- •Sql Extended Procedure Functions Contain Unchecked Buffers (q319507)
- •Buffer Overruns in sql Server 2000 Resolution Service Could Enable Code Execution (q323875)
- •Malformed rpc Request Can Cause Service Failure
- •Sql Server Text Formatting Functions Contain Unchecked Buffers
- •Microsoft msdtc Service Denial of Service Vulnerability
- •Buffer Overruns in sql Server 2000 Resolution Service Could Enable Code Execution (q323875)
- •Unauthenticated Remote Compromise in ms sql Server 2000
- •1. Internet Information Service remote set password
- •2. Vulnerability in Internet Information Services (iis) ftp Service Could Allow Remote Code Execution (2489256)
- •3. Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
- •4. Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
- •5. Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
- •6. Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
- •7. Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
- •8. Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
2. Vulnerability in Internet Information Services (iis) ftp Service Could Allow Remote Code Execution (2489256)
Дата публикации: 2009/08/31. Тип уязвимости: Отказ в обслуживании, удаленное исполнение кода.
Описание: Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
Фактор риска: CVSS Base Score: 9.3 Идентификатор CVE: CVE-2009-3023.
Решение: Исправление опубликовано в Microsoft Security Bulletin MS09-053.
3. Vulnerability in Windows Internet Printing Service Could Allow Remote Code Execution (953155)
Дата публикации: 2008/10/14. Тип уязвимости: Удаленное исполнение кода.
Описание: Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."
Фактор риска: CVSS Base Score: 9.0 Идентификатор CVE: CVE-2008-1446.
Решение: Исправление опубликовано в Microsoft Security Bulletin MS08-062.
4. Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
Дата публикации: 2010/06/08. Тип уязвимости: Удаленное исполнение кода.
Описание: Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability."
Фактор риска: CVSS Base Score: 8.5 Идентификатор CVE: CVE-2010-1256.
Решение: Исправление опубликовано в Microsoft Security Bulletin MS10-040.
5. Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
Дата публикации: 2009/06/10. Тип уязвимости: Обход аутентификации.
Описание: The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting %c0%af into a "/protected/" initial pathname component to bypass the password protection on the protected\ folder, aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1122.
Фактор риска: CVSS Base Score: 7.6 Идентификатор CVE: CVE-2009-1535.
Решение: Исправление опубликовано в Microsoft Security Bulletin MS09-020.
6. Vulnerability in Internet Information Services Could Allow Elevation of Privilege (942831)
Дата публикации: 2008/02/12. Тип уязвимости: Получение привилегий.
Описание: Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.
Фактор риска: CVSS Base Score: 7.2 Идентификатор CVE: CVE-2008-0074.
Решение: Исправление опубликовано в Microsoft Security Bulletin MS08-005.