Showing 1 - 25 of 61

Files from Georgi Guninski

Email address: guninski at guninski.com
First Active: 1999-08-17
Last Active: 2019-11-26
pari/gp 2.x Arbitrary File Overwrite
Posted Nov 26, 2019
Authored by Georgi Guninski

pari/gp versions 2.9.1 on Debian Stretch and 2.11 on Debian Buster allow arbitrary file write and hence arbitrary code execution.

tags | exploit, arbitrary, code execution
systems | linux, debian
MD5 | 0ecadd450355ff88db28e7b58b63b32a
PunBB 1.4.4 Database Disclosure
Posted Nov 11, 2019
Authored by Georgi Guninski

PunBB with SQLite appears to store its database within the webroot, allowing it to be retrieved by attackers.

tags | exploit, info disclosure
MD5 | 4cdd50b4b325603af71d3727a24a9722
safariphone-dos.txt
Posted Mar 17, 2008
Authored by Georgi Guninski

Apple Safari remote denial of service exploit for the iPhone / OSX / Windows.

tags | exploit, remote, denial of service
systems | windows, apple, iphone
MD5 | f64f318f0d76219661e097309073221b
konqueror3.5-latest.txt
Posted Oct 20, 2006
Authored by Georgi Guninski

POC for a possible integer overflow bug in konqueror 3.5-latest.

tags | exploit, overflow
MD5 | d416235d5866272fc1f83da95f771775
georgiQmail.txt
Posted Aug 7, 2005
Authored by Georgi Guninski

Various flaws exist with qmail on 64 bit platforms. Exploits provided.

tags | exploit
MD5 | f220a452a5e206a0c67c2be0ea73411f
kernel26lowmem.txt
Posted Mar 15, 2005
Authored by Georgi Guninski

An integer overflow flaw exists in sys_epoll_wait in the Linux kernel 2.6 series in versions equal to or below 2.6.11. Sample exploitation provided.

tags | exploit, overflow, kernel
systems | linux
MD5 | 46cd73464c9edcec833e5046efbddce9
linux-2.6.10.c
Posted Feb 18, 2005
Authored by Georgi Guninski | Site guninski.com

Linux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.

tags | exploit, kernel
systems | linux
MD5 | f39502f31cc80538acad38883a2eb0ce
IEaperture.txt
Posted Oct 13, 2004
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #71 - By opening HTML in IE it is possible to read at least well-formed XML from arbitrary servers. The info may then be transmitted.

tags | advisory, arbitrary
MD5 | 07a3e977e24d41f26534d346ec4cb3f7
Secunia Security Advisory 12526
Posted Sep 15, 2004
Authored by Georgi Guninski, Secunia, Wladimir Palant, Gael Delalleau, Mats Palmgren, Jesse Ruderman | Site secunia.com

Secunia Security Advisory - Details have been released about several vulnerabilities in Mozilla, Mozilla Firefox, and Thunderbird. These can potentially be exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user's system. These vulnerabilities reportedly affect versions prior to the following: Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8.

tags | advisory, vulnerability, xss
MD5 | b4ee8abb87dae2aeeabe4dd13264557a
httpd1.html
Posted Jun 29, 2004
Authored by Georgi Guninski | Site guninski.com

There is a denial of service in Apache httpd 2.0.49. It is possible to consume an arbitrary amount of memory. On 64-bit systems with more than 4GB of virtual memory this may lead to a heap-based buffer overflow whose exploitation is unclear at the moment.

tags | advisory, denial of service, overflow, arbitrary
MD5 | b801e23971a881cdb1d8b49c6f20eaf1
modproxy1.html
Posted Jun 14, 2004
Authored by Georgi Guninski | Site guninski.com

The version of mod_proxy shipped with Apache 1.3.31, and possibly earlier versions, is susceptible to a buffer overflow via the Content-Length: header. This can lead to a denial of service and possible compromise of a vulnerable system.

tags | advisory, denial of service, overflow
MD5 | e7d78d7a935f0a2ce17af90ae82bf0ba
Secunia Security Advisory 11534
Posted May 29, 2004
Authored by Georgi Guninski, Secunia | Site guninski.com

Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).

tags | advisory, denial of service
MD5 | 09b467d0d9a367dc251aaae6316a88c5
exim1.html
Posted May 7, 2004
Authored by Georgi Guninski | Site guninski.com

Two stack based buffer overflows exist in Exim 3.35. Both bugs need features enabled and are not in the default configuration. Proof of concept exploitation given.

tags | exploit, overflow, proof of concept
MD5 | a8e4942b9a3c3e0b2511c7b3e7f6a8d6
qmailcrash.html
Posted Jan 19, 2004
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #65, 2004 - Qmail version 1.03 is susceptible to a couple of attacks. A crash in qmail-smtpd occurs with a long SMTP session. The crash is not global; it affects only the current SMTP session. It is also possible to trigger a segmentation violation (SEGV) from the network.

tags | advisory
MD5 | a3dd135400b8e81de6cc816382100e93
msuxobsd2.c
Posted Nov 19, 2003
Authored by Georgi Guninski | Site guninski.com

OpenBSD v3.3 and below local root and v3.4 local denial of service exploit which uses a kernel based stack overflow vulnerability in ICBS. Patch available for v3.3 here. Also works against OpenBSD v2.x.

tags | exploit, denial of service, overflow, kernel, local, root
systems | openbsd
MD5 | d2c5ec9e1b0e56417a1369edc4c038f3
freebsd2.txt
Posted Aug 1, 2002
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski Security Advisory #56, 2002 - It is possible to inject user supplied input to file descriptors 0 through 2, which in some cases (for example if the user is permitted to do su) leads to local root compromise. Includes C code which checks if your system is vulnerable.

tags | local, root
MD5 | 32036636a37e85f45cd4f6884a7968c9
aix-execve_bin-sh.c
Posted May 22, 2002
Authored by Georgi Guninski | Site guninski.com

AIX shellcode that does an execve() of /bin/sh.

tags | shellcode
systems | aix
MD5 | 49b14510e8fc3b9f04c86058ffc3a0ea
guninski-53.txt
Posted Apr 2, 2002
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #53, 2002 - Two serious security vulnerabilities have been found in Microsoft Office XP. It is possible to embed active content (object + script) in HTML mail which is triggered if the user replies to or forwards mail. In addition, a bug in the Host() function of the spreadsheet allows creating files with arbitrary names, and their content may be specified to some extent, which is sufficient to place an executable file (.hta) in the user's startup directory, which may lead to taking full control over the user's computer.

tags | exploit, arbitrary, vulnerability
MD5 | 2fbb5a730b6516363c61c5ba49238bcb
vvfreebsd.txt
Posted Jul 12, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #48, 2001 - There is a local root compromise in FreeBSD 4.3 due to a design flaw which allows injecting signal handlers in other processes. Includes vvfreebsd.c, a local root exploit.

tags | exploit, local, root
systems | freebsd
MD5 | 2d223327e13a25c1742fe30e2fda51ba
openbsdrace.txt
Posted Jul 12, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #47, 2001 - OpenBSD 2.8 and 2.9 have a race condition in the kernel which leads to local root compromise. By forking a few processes it is possible to attach to +s pid with ptrace. Includes vvopenbsd.c, a local root exploit.

tags | exploit, kernel, local, root
systems | openbsd
MD5 | 9178cad0470bd7e348f0e538216d00c1
sunhome.txt
Posted Jun 4, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #46, 2001 - There is a buffer overflow in SunOS 5.8 x86 with $HOME and /usr/bin/mail leading to egid=mail. Includes exploit.

tags | exploit, overflow, x86
systems | solaris
MD5 | c001290c85b9715cba2645cb81f2c3f6
iexslt.txt
Posted Apr 21, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #43, 2001 - It is possible to execute Active Scripting with the help of XML and XSL even if Active Scripting is disabled in all security zones. This is especially dangerous in email messages. Though this is not a typical exploit itself, it may be used in other exploits, especially in email. To use the demonstration, disable Active Scripting and click here. If you see any message box you are vulnerable.

tags | exploit
MD5 | 4526c231ea4ece969f1f44a5d9a5e543
clsidext.txt
Posted Apr 17, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #42, 2001 - By double clicking from Windows Explorer or Internet Explorer on filenames with innocent extensions the user may be tricked into executing arbitrary programs. If the file extension has a certain CLSID, then Windows Explorer and IE do not show the CLSID and only the harmless looking extension. Demonstration available here.

tags | exploit, arbitrary
systems | windows
MD5 | b09db7120def52b6ad9852216e070876
iemsdaipp.txt
Posted Mar 30, 2001
Authored by Georgi Guninski | Site guninski.com

Georgi Guninski security advisory #40 - Security bugs in interactions between IE 5.x, IIS 5.0 and Exchange 2000. If a malicious web page is browsed with IE it is possible to list the directories of arbitrary IIS 5.0 servers to which the browsing user has access. Under certain circumstances it is also possible to read the user's email or folders if it is stored on an Exchange 2000 server with web storage (it uses IIS 5.0). It is also possible to create (or probably modify) files on the Exchange 2000 server with web storage. Example exploit included.

tags | exploit, web, arbitrary
MD5 | 85beec7e8445644e67cb4fa185ca6a0c
vv5.pl
Posted Mar 19, 2001
Authored by Georgi Guninski | Site guninski.com

IIS 5.0 / Windows 2000 WebDAV remote denial of service exploit - Sends a specially crafted request, as described in MS01-016.

tags | exploit, remote, denial of service
systems | windows, 2k
MD5 | a2cab69356c0b04e87dc3307f26a0c1c