exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Joaquin Rodriguez Varela

First Active2014-10-16
Last Active2016-08-11
SAP CAR Archive Tool Denial Of Service / Security Bypass
Posted Aug 11, 2016
Authored by Core Security Technologies, Martin Gallo, Joaquin Rodriguez Varela | Site coresecurity.com

Core Security Technologies Advisory - SAP CAR archive tool suffers from security bypass and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2016-5845, CVE-2016-5847
SHA-256 | e526bc68dd7fc857147e1bbe8e921f1d4110eece04020dc4932d94850a062701
Download | Favorite | View
Samsung SW Update Tool 2.2.5.16 Man-In-The-Middle
Posted Mar 11, 2016
Authored by Core Security Technologies, Joaquin Rodriguez Varela | Site coresecurity.com

The Samsung SW Update tool version 2.2.5.16 suffers from a man-in-the-middle vulnerability.

tags | exploit
SHA-256 | 18a66fe7900c1810c0fc80919872842aa7dc1c3f9621fc72457dd1327d263f61
Download | Favorite | View
InFocus IN3128HD Projector Missing Authentication
Posted Apr 28, 2015
Authored by Core Security Technologies, Joaquin Rodriguez Varela | Site coresecurity.com

Core Security Technologies Advisory - The InFocus IN3128HD Projector is vulnerable to an authentication bypass in its web interface login page, and is missing authentication for the "webctrl.cgi.elf" CGI file, which allows several actions to be performed or configured inside the device. Firmware 0.26 is verified vulnerable.

tags | exploit, web, cgi
advisories | CVE-2014-8383, CVE-2014-8384
SHA-256 | 43fb2590b9fc435e2c9ebe21968f5729e87d0846d203db8e44a8e274d09e864c
Download | Favorite | View
Advantech WebAccess 7.2 Stack-Based Buffer Overflow
Posted Nov 20, 2014
Authored by Core Security Technologies, Joaquin Rodriguez Varela, Ricardo Narvaj | Site coresecurity.com

Core Security Technologies Advisory - Advantech WebAccess version 7.2 is vulnerable to a stack-based buffer overflow attack, which can be exploited by remote attackers to execute arbitrary code, by providing a malicious html file with specific parameters for an ActiveX component.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2014-8388
SHA-256 | f1107baceb903ca53318f0f5735854c6a5130cf3da81f5840dce6c8afe32091a
Download | Favorite | View
Advantech EKI-6340 2.05 Command Injection
Posted Nov 20, 2014
Authored by Core Security Technologies, Anibal Sacco, Facundo Pantaleo, Joaquin Rodriguez Varela, Flavio Cangini | Site coresecurity.com

Core Security Technologies Advisory - Advantech EKI-6340 series is vulnerable to an OS command injection, which can be exploited by remote attackers to execute arbitrary code and commands, by using a non privileged user against a vulnerable CGI file.

tags | exploit, remote, arbitrary, cgi
advisories | CVE-2014-8387
SHA-256 | a64726d244d547419fa3a47c114cb81761f6e477ec05f980a3199ab9e0a55aca
Download | Favorite | View
Advantech AdamView 4.3 Buffer Overflow
Posted Nov 20, 2014
Authored by Core Security Technologies, Daniel Kazimirow, Joaquin Rodriguez Varela, Fernando Paez | Site coresecurity.com

Core Security Technologies Advisory - Advantech AdamView version 4.3 has two different fields vulnerable to buffer overflow attacks, which can be exploited by attackers in order to execute arbitrary code by running files with the '.gni' extension that is associated with the AdamView software.

tags | advisory, overflow, arbitrary
advisories | CVE-2014-8386
SHA-256 | 4fe10cda753e8e158ce53fcdfbfe4c893a64dbd2105a91b331e4abac8fc4f063
Download | Favorite | View
SAP Netweaver Enqueue Server Trace Pattern Denial Of Service
Posted Oct 16, 2014
Authored by Core Security Technologies, Joaquin Rodriguez Varela | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability has been found in SAP Netweaver that could allow an unauthenticated, remote attacker to create denial of service conditions. The vulnerability is triggered by sending a specially crafted SAP Enqueue Server packet to remote TCP port 32NN (NN being the SAP system number) of a host running the "Standalone Enqueue Server" service, part of SAP Netweaver Application Server ABAP/Java. The "Standalone Enqueue Server" is a critical component of a SAP Netweaver installation in terms of availability, rendering the whole SAP system unresponsive.

tags | exploit, java, remote, denial of service, tcp
advisories | CVE-2014-0995
SHA-256 | 2fe79852efd8b14902357955bf4b11e2258b497446f8f44384873604c64f25db
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close