exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

Files from David Tomaschik

Email addressdavidtomaschik at google.com
First Active2016-08-22
Last Active2019-08-26
Apache Tapestry 5.3.6 HMAC Timing Attack
Posted Aug 26, 2019
Authored by David Tomaschik

Apache Tapestry version 5.3.6 suffers from a timing attack vulnerability during HMAC verification.

tags | advisory
advisories | CVE-2019-10071
SHA-256 | 2b8427db67e3d329acc8cb4dfc1895672828a371a3235ea047dedb0c4abe8079
Download | Favorite | View
iStar Ultra / IP-ACM Boards Fixed AES Key
Posted Dec 20, 2017
Authored by David Tomaschik

Vulnerabilities were identified in the iStar Ultra and IP-ACM boards offered by Software House. The communications between the IP-ACM and the iStar Ultra is encrypted using a fixed AES key and IV. Each message is encrypted in CBC mode and restarts with the fixed IV, leading to replay attacks of entire messages. There is no authentication of messages beyond the use of the fixed AES key, so message forgery is also possible.

tags | advisory, vulnerability, bypass
advisories | CVE-2017-17704
SHA-256 | 204786b1402fdbec34ba89ae4fe9ceed678dd3d6096ef0880cd0a2f1ff6cb00d
Download | Favorite | View
Belden GarrettCom 6K / 10KT Bypass / Disclosure / Buffer Overflow
Posted May 19, 2017
Authored by David Tomaschik

Belden GarrettCom 6K and 10KT series suffer from suffers from buffer overflow, authentication bypass, information disclosure, and other vulnerabilities.

tags | exploit, overflow, vulnerability, info disclosure
SHA-256 | 49d1717295169be58fe33b4c7d8306f29f0d9e8f045dbaf9cda485d36d3f2e48
Download | Favorite | View
Alerton Webtalk 2.5 / 3.3 Hash Disclosure / CSRF / Command Injection
Posted Apr 27, 2017
Authored by David Tomaschik

Alerton Webtalk versions 2.5 and 3.3 suffer from cross site request forgery, password hash disclosure, command injection, and login flow vulnerabilities.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf
SHA-256 | be96769dc81301b02252f6d8006cd1b6c3c22bae6c57e3450ff6953e9cded4f6
Download | Favorite | View
ObiHai ObiPhone 1032/1062 XSS / CSRF / DoS / Command Injection
Posted Aug 22, 2016
Authored by David Tomaschik

ObiHai ObiPhone 1032/1062 with firmware less than 5-0-0-3497 suffers from buffer overflow, cross site scripting, cross site request forgery, command injection, denial of service, and various other vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability, xss, info disclosure, csrf
SHA-256 | c01c956473f4e72a247182e6bcb22fe0af02e5eb1aefac7e5b88a3868d051233
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close