what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 68 RSS Feed

Files from Georgi Guninski

Email addressguninski at guninski.com
First Active1999-08-17
Last Active2024-01-29
Chrome 121 Javascript Fork Malloc Bomb
Posted Jan 29, 2024
Authored by Georgi Guninski

Chrome version 121 suffers from a javascript fork malloc vulnerability that indicates memory corruption upon crash.

tags | exploit, denial of service, javascript
SHA-256 | c5fe58fff9338fa2b857b94610a42def7f40d9f7d58140b30fcf25e66b5a7686
Firefox 121 / Chrome 120 Denial Of Service
Posted Jan 19, 2024
Authored by Georgi Guninski

Firefox version 121 and Chrome version 120 may both suffer from a minor denial of service issue with file downloads.

tags | exploit, denial of service
SHA-256 | 87fff58ac306829b938551eaffd6ed12db00ff7e56118bf0e6a8e7d7cf6ed267
cpio 2.13 Privilege Escalation
Posted Jan 9, 2024
Authored by Georgi Guninski

cpio version 2.13 suffers from a privilege escalation vulnerability via setuid files in a cpio archive.

tags | exploit
SHA-256 | e4948bd6237737a1ce41d6d861ca14bf4316c0d417e7e9b48c670388f66f760a
Firefox 117 Denial Of Service
Posted Sep 6, 2023
Authored by Georgi Guninski

Firefox version 117 suffers from a file creation denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 0d270254e544e127717e08d6202c874bd08cb13e7feeb36cff908777b6a11eca
GNOME Files 43.4 Privilege Escalation
Posted Aug 8, 2023
Authored by Georgi Guninski

GNOME Files version 43.4 (nautilus) on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges.

tags | exploit
systems | linux, fedora
SHA-256 | ac80117ac673973985c2dd78f43ddd88009c6d2d28c771696ceaab5aceb3f410
Python CGI Documentation Cross Site Scripting
Posted Mar 22, 2023
Authored by Georgi Guninski

The documentation for the python CGI module suffers from a cross site scripting vulnerability.

tags | exploit, cgi, xss, python
SHA-256 | 12070a3cded8397a9c1036c6ffa17c97d5ef5a584b91e3216867995ff23654e8
Sagemath 9.0 Overflow / Denial Of Service
Posted Sep 9, 2022
Authored by Georgi Guninski

Sagemath version 9.0 suffers from overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | cd33738d86983c0d334c06354102833ee1f1e36d4ad569b092958d9f143920da
pari/gp 2.x Arbitrary File Overwrite
Posted Nov 26, 2019
Authored by Georgi Guninski

pari/gp versions 2.9.1 on Debian Stretch and 2.11 on Debian Buster allow arbitrary file write and hence arbitrary code execution.

tags | exploit, arbitrary, code execution
systems | linux, debian
SHA-256 | ffffda78c0913f524e10b48ae7dd7f2a88fb017e7d948c4b48b4348c11a63e02
PunBB 1.4.4 Database Disclosure
Posted Nov 11, 2019
Authored by Georgi Guninski

PunBB with SQLite appears to store its database within the webroot, allowing it to be retrieved by attackers.

tags | exploit, info disclosure
SHA-256 | 69a176611a21eebbc0aee350ecc71ddb18f3ad9ba64256f148c25a06a3685d57
safariphone-dos.txt
Posted Mar 17, 2008
Authored by Georgi Guninski

Apple Safari remote denial of service exploit for the iPhone / OSX / Windows.

tags | exploit, remote, denial of service
systems | windows, apple, iphone
SHA-256 | bcf3762c17722ccbd9badf01735132e76fff0d22715bdb3bc81c0734638e143f
konqueror3.5-latest.txt
Posted Oct 20, 2006
Authored by Georgi Guninski

POC for a possible integer overflow bug in konqueror 3.5-latest.

tags | exploit, overflow
SHA-256 | 00263bb5a228545e88b8e05dee01534319248a7271970aec28977e1612e8fbe9
georgiQmail.txt
Posted Aug 7, 2005
Authored by Georgi Guninski

Various flaws exist with qmail on 64 bit platforms. Exploits provided.

tags | exploit
SHA-256 | e78a21634f16badb4dc5b430ee69e8aaf02b0f216e92396bb8d94d3c093ddf2d
kernel26lowmem.txt
Posted Mar 15, 2005
Authored by Georgi Guninski

An integer overflow flaw exists in sys_epoll_wait in the Linux kernel 2.6 series in versions equal to or below 2.6.11. Sample exploitation provided.

tags | exploit, overflow, kernel
systems | linux
SHA-256 | d083ba6efdf8af859e7ea6c1a4962bccf506a55a0eb627d60abf4685586d6b1a
linux-2.6.10.c
Posted Feb 18, 2005
Authored by Georgi Guninski | Site guninski.com

Linux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.

tags | exploit, kernel
systems | linux
SHA-256 | 64668cf27bf96d59d1d1f9aeceaa70ae1834d86bc88475e6ae009a8b38a70a8b
IEaperture.txt
Posted Oct 13, 2004
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #71 - By opening html in IE it is possible to read at least well formed xml from arbitrary servers. The info then may be transmitted.

tags | advisory, arbitrary
SHA-256 | e156bc37f51fe57421af3618c35923d4d1555d62766229c4eb0d0edca13f7471
Secunia Security Advisory 12526
Posted Sep 15, 2004
Authored by Georgi Guninski, Secunia, Wladimir Palant, Gael Delalleau, Mats Palmgren, Jesse Ruderman | Site secunia.com

Secunia Security Advisory - Details have been released about several vulnerabilities in Mozilla, Mozilla Firefox, and Thunderbird. These can potentially be exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user's system. These vulnerabilities reportedly affect versions prior to the following: Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8.

tags | advisory, vulnerability, xss
SHA-256 | 0a6ca10ffc4a3ba1127a2e7aff306ae4251a2daf157abd425b6d345403f1729d
httpd1.html
Posted Jun 29, 2004
Authored by Georgi Guninski | Site guninski.com

There is denial of service in Apache httpd 2.0.49. It is possible to consume arbitrary amount of memory. On 64 bit systems with more than 4GB virtual memory this may lead to heap based buffer overflow whose exploitation is unclear at the moment.

tags | advisory, denial of service, overflow, arbitrary
SHA-256 | a8cc5f8ac30aaea07627d9adc2917e311c049a9732c8e5df1d08b9e3855672e0
modproxy1.html
Posted Jun 14, 2004
Authored by Georgi Guninski | Site guninski.com

The version of mod_proxy shipped with Apache 1.3.31 and possibly earlier versions are susceptible to a buffer overflow via the Content-Length: header. This can lead to a denial of service and possible compromise of a vulnerable system.

tags | advisory, denial of service, overflow
SHA-256 | 4fd4a3dc2ff2887823678f53b78e0b6b9f804c4881d7f2160ca9ed11a8f808d5
Secunia Security Advisory 11534
Posted May 29, 2004
Authored by Georgi Guninski, Secunia | Site guninski.com

Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).

tags | advisory, denial of service
SHA-256 | 9510c3cbe496d79d6ba299e4a9cfefccde6cd32836986fc9c388bc98a38277d8
exim1.html
Posted May 7, 2004
Authored by Georgi Guninski | Site guninski.com

Two stack based buffer overflows exist in Exim 3.35. Both bugs need features enabled and are not in the default configuration. Proof of concept exploitation given.

tags | exploit, overflow, proof of concept
SHA-256 | 353e702b40c92a2c6f894d544e776cf46bb65be439d7576759dac932b6645004
qmailcrash.html
Posted Jan 19, 2004
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #65, 2004 - Qmail version 1.03 is susceptible to a couple attacks. A crash in qmail-smtpd occurs with a long SMTP session. The crash is not global, it affects only the current SMTP session. It is also possible to trigger a segmentation violation (SEGV) from the network.

tags | advisory
SHA-256 | 10dae39fc506d25c870163518f0077627ecaf939966caa0aad04678186ced065
msuxobsd2.c
Posted Nov 19, 2003
Authored by Georgi Guninski | Site guninski.com

OpenBSD v3.3 and below local root and v3.4 local denial of service exploit which uses a kernel based stack overflow vulnerability in ICBS. Patch available for v3.3 here. Also works against OpenBSD v2.x.

tags | exploit, denial of service, overflow, kernel, local, root
systems | openbsd
SHA-256 | 02d1b6e6fd805a42150e80b21f685c51c4db5a62cb4d1d9e22b42e2992724a5c
freebsd2.txt
Posted Aug 1, 2002
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski Security Advisory #56, 2002 - It is possible to inject user supplied input to file descriptors 0 through 2, which in some cases (for example if the user is permitted to do su) leads to local root compromise. Includes C code which checks if your system is vulnerable.

tags | local, root
SHA-256 | 5f384a32d95069e2a59cd9ac291811139c17cd24f6fb6bf2e1c41c048807c9f3
aix-execve_bin-sh.c
Posted May 22, 2002
Authored by Georgi Guninski | Site guninski.com

AIX shellcode that does an execve() of /bin/sh.

tags | shellcode
systems | aix
SHA-256 | b148fe51945518e8a42791b283e7d596af3c65b818e4827df4c53d3d8dd094db
guninski-53.txt
Posted Apr 2, 2002
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #53, 2002 - Two serious security vulnerabilities have been found in Microsoft Office XP. It is possible to embed active content (object + script) in HTML mail which is triggered if the user replies to or forwards mail. In addition, a bug in the Host() function of the spreadsheet allows creating files with arbitrary names and their content may be specified to some extent at which is sufficient to place an executable file (.hta) in user's startup directory which may lead to taking full control over user's computer.

tags | exploit, arbitrary, vulnerability
SHA-256 | 3f49c6b96bb45bdcb1c169996f326348feabd1e79660329b74273529af5b2f1f
Page 1 of 3
Back123Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close