what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

Files from Rene Freingruber

First Active2014-02-27
Last Active2018-02-07
InfoZip UnZip 6.00 / 6.1c22 Buffer Overflow
Posted Feb 7, 2018
Authored by Rene Freingruber | Site sec-consult.com

InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2018-1000031, CVE-2018-1000032, CVE-2018-1000033, CVE-2018-1000034, CVE-2018-1000035
MD5 | bdf125c9b1ccf7ea7ce8e8e8062e3d85
Ubiquiti Networks EP-R6 / ER-X / ER-X-SFP Cross Site Scripting
Posted Jul 25, 2017
Authored by Rene Freingruber, T. Weber | Site sec-consult.com

Ubiquiti Networks EP-R6, ER-X, and ER-X-SFP with firmware version 1.9.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9ea2bb02f107be6df0906b4c0a16edf9
Kerio Control Unified Threat Management Code Execution / XSS / Memory Corruption
Posted Sep 22, 2016
Authored by Rene Freingruber, Raschin Tavakoli | Site sec-consult.com

Kerio Control Unified Threat Management versions prior to 9.1.3 suffer from unsafe usage of the PHP unserialize function, code execution, memory corruption, cross site scripting, and various other vulnerabilities.

tags | exploit, php, vulnerability, code execution, xss
MD5 | e4fe2845c8e802b8ff1305d65df94383
CryptWare CryptoPro Secure Disk For Bitlocker 5.1.0.6474 Manipulation
Posted Aug 31, 2016
Authored by Rene Freingruber, M. von Dach | Site sec-consult.com

CryptWare CryptoPro Secure Disk for Bitlocker version 5.1.0.6474 suffers from flaws that allows a malicious party to attack the boot process and backdoor the system to steal login credentials, the private 802.1x certificate, and the associated password.

tags | exploit
MD5 | fa3e0983e05e19b0dfcc2b70f17ffa3d
Bypassing McAfee's Application Whitelisting For Critical Infrastructure Systems
Posted Jan 12, 2016
Authored by Rene Freingruber | Site sec-consult.com

This paper describes the results of the research conducted by SEC Consult Vulnerability Lab on the security of McAfee Application Control. This product is an example of an application whitelisting solution which can be used to further harden critical systems such as server systems in SCADA environments or client systems with high security requirements like administrative workstations. Application whitelisting is a concept which works by whitelisting all installed software on a system and after that prevent the execution of not whitelisted software. This should prevent the execution of malware and therefore protect against advanced persistent threat (APT) attacks. McAfee Application Control is an example of such a software. It can be installed on any system, however, the main field of application is the protection of highly critical infrastructures. While the core feature of the product is application whitelisting, it also supports additional security features including write and read protection as well as different memory corruption protections.

tags | paper
MD5 | 0ddfc7a0eabd62e1452d7ee295e668df
McAfee Application Control Bypass / Driver Issues
Posted Jul 28, 2015
Authored by Rene Freingruber | Site sec-consult.com

McAfee Application Control version 6.1.3.353 suffers from multiple vulnerabilities including insufficient whitelist protection and bypass issues.

tags | advisory, vulnerability
MD5 | 9e9665313071b62a515db6eb74e7e7d7
Polycom RealPresence Resource Manager (RPRM) Disclosure / Traversal
Posted Jun 26, 2015
Authored by Rene Freingruber | Site sec-consult.com

By combining all vulnerabilities documented in this advisory an unprivileged authenticated remote attacker can gain full system access (root) on the RPRM appliance. This has an impact on all conferences taking place via this RP Resource Manager. Attackers can steal all conference passcodes and join or record any conference. Versions prior to 8.4 are affected.

tags | exploit, remote, root, vulnerability
advisories | CVE-2015-4681, CVE-2015-4682, CVE-2015-4683, CVE-2015-4684, CVE-2015-4685
MD5 | 6000873fcc165414249c80fa248c6873
SAS 9.2 / 9.3 / 9.4 Local Buffer Overflow
Posted Feb 27, 2014
Authored by Rene Freingruber | Site sec-consult.com

SAS for Windows versions 9.2, 9.3, and 9.4 suffer from a local buffer overflow vulnerability.

tags | advisory, overflow, local
systems | windows
MD5 | 2a6f205cf583a0dbecffee365065a9dc
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close