Efilter is an automatic exception reporting utility. It is very useful and handy while doing vulnerability research on any software designed to work under Windows NT platforms. Due to that it hooks KiUserExceptionDispatcher function, it acts BEFORE any of program's active SEH frames take over the exception. In short words it reports programs exceptions even if they are handled by original program.

HP Security Bulletin - A potential vulnerability has been identified with Openview Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to gain privileged access. Affected versions: Openview Network Node Manager (OV NNM) 6.2, 6.4, 7.01, 7.50 running on HP-UX, Solaris, Windows NT, Windows 2000, Windows XP, and Linux.

Protty is a ring 3 library developed to protect against shellcode execution on Windows NT based systems.

Debian Security Advisory DSA 830-1 - Drew Parsons noticed that the post-installation script of ntlmaps, an NTLM authorization proxy server, changes the permissions of the configuration file to be world-readable. It contains the user name and password of the Windows NT system that ntlmaps connects to and, hence, leaks them to local users.

318 byte useradd shellcode for Russian Windows NT/2k/XP variants.

GoodTech Telnet Server for Windows NT/2000.

A critical security vulnerability has been found in the Windows NT Message compiler. Arbitrary code execution might be possible.

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. These include Windows NT domain authentication bypass, IPv6 denial of service, and a Crypto Accelerator memory leak.

This Metasploit module exploits a stack overflow in the NetApi32 CanonicalizePathName() function using the NetpwPathCanonicalize RPC call in the Server Service. It is likely that other RPC calls could be used to exploit this service. This exploit will result in a denial of service on on Windows XP SP2 or Windows 2003 SP1. A failed exploit attempt will likely result in a complete reboot on Windows 2000 and the termination of all SMB-related services on Windows XP. The default target for this exploit should succeed on Windows NT 4.0, Windows 2000 SP0-SP4+, Windows XP SP0-SP1 and Windows 2003 SP0.

This Metasploit module exploits a stack overflow in the RPCSS service, this vulnerability was originally found by the Last Stage of Delirium research group and has bee widely exploited ever since. This Metasploit module can exploit the English versions of Windows NT 4.0 SP3-6a, Windows 2000, Windows XP, and Windows 2003 all in one request :)

This exploits a buffer overflow in the ISAPI ISM.DLL used to process HTR scripting in IIS 4.0. This Metasploit module works against Windows NT 4 Service Packs 3, 4, and 5. The server will continue to process requests until the payload being executed has exited. If you've set EXITFUNC to 'seh', the server will continue processing requests, but you will have trouble terminating a bind shell. If you set EXITFUNC to thread, the server will crash upon exit of the bind shell. The payload is alpha-numerically encoded without a NOP sled because otherwise the data gets mangled by the filters.

This registry code allows any terminal client access to a Terminal Server. It bypasses the Microsoft "Terminal Server License" and allows the client to create a session on the server without a CAL (Client Access License) or MS Open License. It works on WinNT, Win2000, Win2003 server and Win2008 server.

Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7 NtVdmControl()->KiTrap0d local ring0 exploit. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

There is a pretty obvious bug in win32k!EPATHOBJ::pprFlattenRec where the PATHREC object returned by win32k!EPATHOBJ::newpathrec does not initialize the next list pointer. This is a local ring0 exploit for Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7/8.

There exists an unauthenticated SEH based vulnerability in the HTTP server of Sync Breeze Enterprise version 10.1.16, when sending a GET request with an excessive length it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under the Windows NT AUTHORITYSYSTEM account. The SEH record is overwritten with a "POP,POP,RET" pointer from the application library libspp.dll. This exploit has been successfully tested on Windows XP, 7 and 10 (x86->x64). It should work against all versions of Windows and service packs.

South African Energy Minister Tina Joemat-Pettersson said her department wants to address weaknesses in the process of commissioning renewable-power projects.

Investments in new clean-energy capacity will total $1.61 trillion through 2020 even as the expansion of renewables is expected to slow, the International Energy Agency said.

Eco Wave Power, based in Israel, plans to raise $5 million by the end of the year to further develop its technology and projects that harness the power of the ocean to generate electricity.

Clean energy stocks and the market in general rebounded strongly in August. My broad market benchmark of small cap stocks, IWM, rose 4.5 percent, returning to positive territory up 1.7 percent for the year. My clean energy benchmark PBW also jumped back into the black with an 11.1 percent gain for the month and 10.8 percent for the year to date.

It was good news for renewable energy when President Barack Obama in June proposed carbon dioxide restrictions on existing power plants. It is even better news now that he may use the plan to leverage an international climate accord.

Marine Current Turbines (MCT), the tidal energy company owned by German engineering giant Siemens has announced that it has suspended development of a planned 10 MW tidal array in Wales.

Yield-cos have been grabbing headlines lately. Typically, large utilities spin off their high-yield alternative energy operations into separate smaller companies called yield-cos. These new companies are then taken public to attract individual and institutional investors.

The threat of climate change is driving China and the U.S. — frequent rivals and the world’s two largest greenhouse-gas emitters — to collaborate on dozens of potential clean-energy breakthroughs.

More than 100 world leaders converged upon New York City today to discuss international efforts to reduce carbon emissions and combat climate change. The list of speakers at the UN Climate Summit included U.S. President Barack Obama, UK Prime Minister David Cameron, Brazilian President Dilma Rousseff, French President François Hollande, and Chinese Vice Premier Zhang Gaoli.