exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files

HFS Http File Server 2.3m Build 300 Buffer Overflow
Posted Jun 8, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

HFS Http File Server version 2.3m build 300 suffers from a remote buffer overflow vulnerability that can lead to a denial of service.

tags | exploit, remote, web, denial of service, overflow
advisories | CVE-2020-13432
SHA-256 | c7ab5ba2d2663b28ffedb5d9db2e23328041d24057b118524685224b0d480c62

Related Files

HFS (HTTP File Server) 2.3.x Remote Code Execution
Posted Feb 23, 2021
Authored by Pergyz

HFS (HTTP File Server) version 2.3.x remote code execution exploit.

tags | exploit, remote, web, code execution
advisories | CVE-2014-6287
SHA-256 | d5259779819e2ec48d535d544c03503c184fbc5382e90d8a57b7ba07265969f1
SunSSH Solaris 10.0 / 11.0 x86 Remote Root
Posted Nov 9, 2020
Authored by Hacker Fantastic

A trivial to reach stack-based buffer overflow is present in libpam on Solaris. The vulnerable code exists in pam_framework.c parse_user_name() which allocates a fixed size buffer of 512 bytes on the stack and parses a username supplied to PAM modules (such as authtok_get used by SunSSH). This issue can be reached remotely pre-authentication via SunSSH when "keyboard-interactive" is enabled to use PAM based authentication. The vulnerability was discovered being actively exploited by FireEye in the wild and is part of an APT toolkit called "EVILSUN". The vulnerability is present in both SPARC/x86 versions of Solaris and others (eg. illumos). This exploit uses ROP gadgets to disable nxstack through mprotect on x86 and a helper shellcode stub. Tested against latest Solaris 10 without patch applied and the configuration is vulnerable in a default vanilla install. This exploit requires libssh2, the vulnerability has been identified and confirmed reachable on Solaris 10 through 11.0.

tags | exploit, overflow, x86, shellcode
systems | solaris
advisories | CVE-2020-14871
SHA-256 | 4efe811f974352dcef13923a4c23660cd48238ef8eed2fdf0c41f3fb02116a22
HTTP File Server 2.3a / 2.3b / 2.3c Remote Command Execution
Posted Oct 2, 2014
Authored by Daniele Linguaglossa

HTTP File Server versions 2.3a, 2.3b, and 2.3c suffer from a remote command execution vulnerability.

tags | exploit, remote, web
advisories | CVE-2014-7226
SHA-256 | 719b732e5e72911d054b6ed18ca5b6c8966afb541239db03bc1b69bb8709be8d
MacOSX 10.9.2/XNU HFS Hard Linking
Posted Apr 6, 2014
Authored by Maksymilian Arciemowicz | Site cxsecurity.com

Multiple vulnerabilities have been reported in HFS, including a hard linking issue that can be used to trigger a denial of service condition.

tags | exploit, denial of service, vulnerability
advisories | CVE-2010-0105, CVE-2013-6799
SHA-256 | be35bd5afa319dfac7f6e3e41d1bb757eeeb443aa69504e617ce51aef83f35fb
hfs-spoof.txt
Posted Jan 24, 2008
Authored by Felipe Daragon, Alec Storm | Site syhunt.com

HFS versions 1.5g through 2.3 suffer from username spoofing and log injection vulnerabilities.

tags | advisory, spoof, vulnerability
advisories | CVE-2008-0407, CVE-2008-0408
SHA-256 | 5b3cbaf4dc12bfae2a139d34b04a6f0260e498eb9425aab233e032444fa1c0a7
hfshack.txt
Posted Jan 24, 2008
Authored by Felipe Daragon, Alec Storm | Site syhunt.com

Syhunt HFSHack version 1.0b is an exploit for various vulnerabilities found in HFS versions 1.5 through 2.3.

tags | exploit, vulnerability
advisories | CVE-2008-0405, CVE-2008-0406, CVE-2008-0407, CVE-2008-0408, CVE-2008-0409, CVE-2008-0410
SHA-256 | cf5241d98b767c660b1da691f06531bdf11802f7be9b965f8b6a271445f08f40
hfs-manipulate.txt
Posted Jan 24, 2008
Authored by Felipe Daragon, Alec Storm | Site syhunt.com

HFS versions 2.2 through 2.3 suffer from arbitrary file manipulation and denial of service vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2008-0405, CVE-2008-0406
SHA-256 | b808645f02dd720f4b5dc129b8f8e58df6ca146c7b5158604938c0d0f8bbd55e
hfs-xss.txt
Posted Jan 24, 2008
Authored by Felipe Daragon, Alec Storm | Site syhunt.com

HFS versions 2.3 through 2.0 suffer from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2008-0409, CVE-2008-0410
SHA-256 | c6417b3811c50e7ea4316acb3c097304bd8f5ebfd4d871f85cbc2532a0cd2f0d
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    19 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close