exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Joaquin Rodriguez Varela

First Active2014-10-16
Last Active2016-08-11
SAP CAR Archive Tool Denial Of Service / Security Bypass
Posted Aug 11, 2016
Authored by Core Security Technologies, Martin Gallo, Joaquin Rodriguez Varela | Site coresecurity.com

Core Security Technologies Advisory - SAP CAR archive tool suffers from security bypass and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2016-5845, CVE-2016-5847
SHA-256 | e526bc68dd7fc857147e1bbe8e921f1d4110eece04020dc4932d94850a062701
Download | Favorite | View
Samsung SW Update Tool 2.2.5.16 Man-In-The-Middle
Posted Mar 11, 2016
Authored by Core Security Technologies, Joaquin Rodriguez Varela | Site coresecurity.com

The Samsung SW Update tool version 2.2.5.16 suffers from a man-in-the-middle vulnerability.

tags | exploit
SHA-256 | 18a66fe7900c1810c0fc80919872842aa7dc1c3f9621fc72457dd1327d263f61
Download | Favorite | View
InFocus IN3128HD Projector Missing Authentication
Posted Apr 28, 2015
Authored by Core Security Technologies, Joaquin Rodriguez Varela | Site coresecurity.com

Core Security Technologies Advisory - The InFocus IN3128HD Projector is vulnerable to an authentication bypass in its web interface login page, and is missing authentication for the "webctrl.cgi.elf" CGI file, which allows several actions to be performed or configured inside the device. Firmware 0.26 is verified vulnerable.

tags | exploit, web, cgi
advisories | CVE-2014-8383, CVE-2014-8384
SHA-256 | 43fb2590b9fc435e2c9ebe21968f5729e87d0846d203db8e44a8e274d09e864c
Download | Favorite | View
Advantech WebAccess 7.2 Stack-Based Buffer Overflow
Posted Nov 20, 2014
Authored by Core Security Technologies, Joaquin Rodriguez Varela, Ricardo Narvaj | Site coresecurity.com

Core Security Technologies Advisory - Advantech WebAccess version 7.2 is vulnerable to a stack-based buffer overflow attack, which can be exploited by remote attackers to execute arbitrary code, by providing a malicious html file with specific parameters for an ActiveX component.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2014-8388
SHA-256 | f1107baceb903ca53318f0f5735854c6a5130cf3da81f5840dce6c8afe32091a
Download | Favorite | View
Advantech EKI-6340 2.05 Command Injection
Posted Nov 20, 2014
Authored by Core Security Technologies, Anibal Sacco, Facundo Pantaleo, Joaquin Rodriguez Varela, Flavio Cangini | Site coresecurity.com

Core Security Technologies Advisory - Advantech EKI-6340 series is vulnerable to an OS command injection, which can be exploited by remote attackers to execute arbitrary code and commands, by using a non privileged user against a vulnerable CGI file.

tags | exploit, remote, arbitrary, cgi
advisories | CVE-2014-8387
SHA-256 | a64726d244d547419fa3a47c114cb81761f6e477ec05f980a3199ab9e0a55aca
Download | Favorite | View
Advantech AdamView 4.3 Buffer Overflow
Posted Nov 20, 2014
Authored by Core Security Technologies, Daniel Kazimirow, Joaquin Rodriguez Varela, Fernando Paez | Site coresecurity.com

Core Security Technologies Advisory - Advantech AdamView version 4.3 has two different fields vulnerable to buffer overflow attacks, which can be exploited by attackers in order to execute arbitrary code by running files with the '.gni' extension that is associated with the AdamView software.

tags | advisory, overflow, arbitrary
advisories | CVE-2014-8386
SHA-256 | 4fe10cda753e8e158ce53fcdfbfe4c893a64dbd2105a91b331e4abac8fc4f063
Download | Favorite | View
SAP Netweaver Enqueue Server Trace Pattern Denial Of Service
Posted Oct 16, 2014
Authored by Core Security Technologies, Joaquin Rodriguez Varela | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability has been found in SAP Netweaver that could allow an unauthenticated, remote attacker to create denial of service conditions. The vulnerability is triggered by sending a specially crafted SAP Enqueue Server packet to remote TCP port 32NN (NN being the SAP system number) of a host running the "Standalone Enqueue Server" service, part of SAP Netweaver Application Server ABAP/Java. The "Standalone Enqueue Server" is a critical component of a SAP Netweaver installation in terms of availability, rendering the whole SAP system unresponsive.

tags | exploit, java, remote, denial of service, tcp
advisories | CVE-2014-0995
SHA-256 | 2fe79852efd8b14902357955bf4b11e2258b497446f8f44384873604c64f25db
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close