exploit the possibilities
Showing 1 - 25 of 40 RSS Feed

Files from HexView

Email addressservices at hexview.com
First Active1999-09-23
Last Active2012-08-06
Android HTC Mail Insecure Password Management
Posted Aug 6, 2012
Authored by HexView | Site hexview.com

The HTC Mail application on Android stores passwords base64 encoded after swapping around odd and even characters.

tags | exploit
SHA-256 | 5dbb95f9e5f9adae904123eb9746ffa5bfd499af74e2a90f0e01d0d5d1ae9cf8
HexView Security Advisory 2006-06-06.1
Posted Jun 12, 2006
Authored by HexView | Site hexview.com

The Microsoft NetMeeting application insufficiently validates received data opening a possibility to overwrite portions of application memory causing exceptions ranging from null-pointer access to a possible code execution. Version 3.01 has been found vulnerable.

tags | advisory, code execution
SHA-256 | a88f3c204e5b5b98c35fd8a74b701829f9b30f2c25275569137bbba6ad575152
HEXVIEW-2006-03-14-1.txt
Posted Mar 15, 2006
Authored by HexView | Site hexview.com

HEXVIEW*2006*03*14*1 - A vulnerability exists in Microsoft Excel which can be exploited to run a code of attacker's choice on user's PC.

tags | advisory
SHA-256 | b49f61bf0aad7736ae9c98d528c432754324b83c3815c076ca36290e525344d3
HexView Security Advisory 2006-03-14.1
Posted Mar 15, 2006
Authored by HexView | Site hexview.com

A vulnerability exists in Microsoft Excel which can be exploited to run a code of attacker's choice on user's PC. Sufficient data validation is not performed when parsing "Named Range" definitions in the document file, which makes it possible to produce a negative 32-bit value that is later used as a length parameter for the msvcrt.memmove() function. As a result, a large chunk of memory is copied overwriting critical memory ranges, including the stack space. All tests were performed using Microsoft Excel 2003 (11.6560.6568) on Windows XP and Windows 2000 Pro platforms. It is likely that all MS Excel products are vulnerable.

tags | advisory
systems | windows
advisories | CVE-2005-4131
SHA-256 | d3ff03122df3a97151a14bd39966d4c618c8133f2af3261d2fc519f3c40b6a32
HexView Security Advisory 0405-20-05.05
Posted Aug 6, 2005
Authored by HexView, ShineShadow

Multiple vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allow for cross site scripting, arbitrary file viewing, and more.

tags | exploit, web, arbitrary, vulnerability, xss
SHA-256 | bbd44f9d66d0b59f4e1b162ed1fba5a48f52f53f725ac4d72198eda5661ffc2b
HexView Security Advisory 2005-03-31.1
Posted Apr 14, 2005
Authored by HexView | Site hexview.com

The Microsoft Jet DB engine suffers from various vulnerabilities that can lead to arbitrary code execution.

tags | advisory, arbitrary, vulnerability, code execution
SHA-256 | 3bc0f27920edbf12b249e0d3cf0e4a6040fae500fdb40a7f3ea4fcffacf8d45c
HexView Security Advisory 2601-20-05.03
Posted Jan 29, 2005
Authored by HexView, ShineShadow

Multiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.

tags | exploit, web, arbitrary, vulnerability, xss
SHA-256 | 2f72998322fa1ea4c6c2c644becc01d4932c53fb305167832b92978f9a58c796
HexView Security Advisory 2004-11-04.1
Posted Nov 5, 2004
Authored by HexView | Site hexview.com

Symantec LiveUpdate is susceptible to compressed archive attacks known as zip bombing.

tags | advisory
SHA-256 | 2673b88a121041513379080564220f8659436f861cf25d1939c9738f8b4f4a07
HexView Security Advisory 2004-11-03.1
Posted Nov 5, 2004
Authored by HexView | Site hexview.com

Zip console application by Info-Zip is susceptible to a buffer overflow condition that can be triggered and exploited during a recursive compression operation.

tags | advisory, overflow
SHA-256 | 274803fde916bd9e952281ab6546188a8fdc6b1c96a71fcd827aee6005de24b5
HexView Security Advisory 2004-10-21.1
Posted Oct 27, 2004
Authored by HexView | Site hexview.com

A specially crafted WAV file can cause the WAV file property handler to consume all available CPU resources on Windows XP.

tags | advisory
systems | windows
SHA-256 | 8e05ffb1b09efaeebd8f0714bf6ea2a5918b97d04c49938779f57d86f6f1093c
HexView Security Advisory 2004-10-12.1
Posted Oct 24, 2004
Authored by HexView | Site hexview.com

Insufficient data validation for incoming calendar data makes possible to cause buffer overflow condition leading to stack corruption. As a result, it is possible to reboot the device (all stored messages will be lost since RAM storage will be reinitialized). It is also possible to execute code embedded by the attacker. It should be mentioned that Blackberry developers tools are freely available.

tags | advisory, overflow
SHA-256 | 92f19aced80d13dd354f933fc08c07fda2df3c70c05fdcf8c2fff682d778be56
MSwordExploitable.txt
Posted Oct 13, 2004
Authored by HexView | Site hexview.com

Microsoft Word is susceptible to having an exception triggered due to a lack of sufficient data validation when winword.exe parses a document file. Two types of exceptions can be triggered, with the second being possibly exploitable.

tags | advisory
SHA-256 | cdc21ddeff9714cf7e828e939a3991db70d3d59f034e5e36ca4d6c5e9788b886
HexView Security Advisory 0811-20-04.1
Posted Aug 12, 2004
Authored by HexView, Thomas Ryan, Paul Craig

BlackIce Server Protect versions 3.6cno and below from Internet Security Systems installs a firewall ruleset that can be removed or modified by any trusted or local unprivileged user.

tags | advisory, local
SHA-256 | f4772cb504ab957ef7193a8d03b9130f45c9592b768c32a0241b609c051209a1
datakeyPassword.txt
Posted Aug 5, 2004
Authored by HexView

Datakey's tokens and smartcards suffer from a clear text password exposure vulnerability. The communication channel between the token and the driver is not encrypted. A user's PIN can be retrieved using a proxy driver or hardware sniffer. Systems affected: Rainbow iKey2032 USB token and Datakey's up-to-date CIP client package.

tags | advisory
SHA-256 | e6a95aba557fecb0404997af5ad693bdb744910e82a8e30d9cad43caeeb4742e
msSMSClient.txt
Posted Jul 14, 2004
Authored by HexView

A denial of service condition exists in the Microsoft SMS Client where a data packet that gets analyzed will cause the server to throw an exception while attempting to read or write an invalid memory address. Tested against: Microsoft Systems Management Server version 2.50.2726.0.

tags | advisory, denial of service
SHA-256 | 553f2e065d26c6b861b80533b5ce510271d41b91c5034a763c8d3895d8d62af4
netegrityXSS.txt
Posted Jul 1, 2004
Authored by HexView

A cross site scripting vulnerability exists in Netegrity IdentityMinder Web Edition 5.6 SP2 for Windows and Netegrity Policy Server version 5.5.

tags | advisory, web, xss
systems | windows
SHA-256 | 60d8395a6691d3d4f0676d76c918575f97a8d986d0e069c2a2e903bd448fa6ff
HexView Security Advisory 2004-06-30.2
Posted Jun 30, 2004
Authored by HexView | Site netfilter.org

Sending crafted packets to a 2.6 series kernel with netfilter rules matching TCP options (using the --tcp-option match) may result in a Denial of Service.

tags | advisory, denial of service, kernel, tcp
advisories | CVE-2004-0626
SHA-256 | 28a31023e011acd43ed42575cb7c55864db29f0f4463ce4e22d18f0616b771b0
HexView Security Advisory 2004-06-01.01
Posted Jun 18, 2004
Authored by HexView, SGI Security Coordinator | Site support.sgi.com

SGI Security Advisory 20040601-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions non privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory which can be used to obtain root user privileges. Patches have been released for this and other issues. At this time, IRIX versions 6.5.20 to 6.5.24 are considered susceptible.

tags | advisory, kernel, root
systems | irix
advisories | CVE-2004-0135, CVE-2004-0136, CVE-2004-0137
SHA-256 | c311575509d77e140256db203b3431dabc5c01cfb4dd8d1e624c66a52ee8d789
HexView Security Advisory 2004-05-07.01
Posted May 26, 2004
Authored by HexView | Site support.sgi.com

SGI Security Advisory 20040507-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions the /usr/sbin/cpr binary can be forced to load a user provided library while restarting the checkpointed process which can then be used to obtain root user privileges. All versions of IRIX prior to 6.5.25 are affected.

tags | advisory, root
systems | irix
advisories | CVE-2004-0134
SHA-256 | 7d950166788412a4f59d5667daca8545e4ae1aefd11cc0225a8adfe941090883
HexView Security Advisory 2004-05-03.01
Posted May 18, 2004
Authored by HexView | Site sgi.com

SGI Security Advisory 20040503-01-P - Under certain conditions, rpc.mountd goes into an infinite loop while processing some RPC requests, causing a denial of service. Affected releases: SGI IRIX 6.5.x.

tags | advisory, denial of service
systems | irix
SHA-256 | 60b6fab3dcc07e154a22aa2c18072a5e408070846522782d959a9681d25da497
HexView Security Advisory 2004-04-01.01
Posted Apr 2, 2004
Authored by HexView | Site support.sgi.com

SGI Security Advisory 20040401-01-P - It has been reported that there are several security issues affecting ftpd on IRIX. There is an ftpd DoS that is possible during PORT mode (SGI BUG 899364) not to mention that ftpd's ftp_syslog() doesn't work with anonymous FTP (SGI BUG 909172).

tags | advisory
systems | irix
SHA-256 | d0f63c5ef8fae4b78f5bbda3793a2c29d3e7603a5dde6ed7dde8af08e6c4ecf6
HexView Security Advisory 2003-09-02.01
Posted Sep 26, 2003
Authored by HexView | Site sgi.com

SGI Security Advisory 20030902-01-P - It has been reported that certain Microsoft RPC scanning can cause the DCE daemon dced to abort, causing a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2003-0746
SHA-256 | aff987ebea44700e772f00905cc18391b6bb9872ff70d9c1c6d4a9fb41d1b8d0
HexView Security Advisory 2003-09-01.01
Posted Sep 18, 2003
Authored by HexView | Site sgi.com

SGI Security Advisory 20030901-01-P - It has been reported that under certain conditions a NFS client can avoid read-only restrictions on filesystems exported via NFS from a server running IRIX 6.5.21 and mount them in read/write mode.

tags | advisory
systems | irix
advisories | CVE-2003-0680
SHA-256 | 20adad9965ecc3ab9669c0c0f988b3136ffc46d036a3e2a4b59af98e260d296a
HexView Security Advisory 2003-08-03.01
Posted Aug 26, 2003
Authored by HexView, SGI Security Coordinator | Site sgi.com

SGI Security Advisory 20030803-01-P - A vulnerability has been reported by sendmail.org that the 8.12.8 and earlier releases shipped with a potential problem in DNS mapping that could lead to a remote denial or service or root compromise. Relatedd CVE Number: CVE-2003-0688.

tags | advisory, remote, root
SHA-256 | f599f483c03b2a7dbaa048e9abd60ad17327c2a14fc6add6523e23542a45abb1
HexView Security Advisory 2003-08-01.01
Posted Aug 14, 2003
Authored by HexView | Site sgi.com

SGI Security Advisory 20030801-01-P - It is possible to create a Denial of Service attack on the IRIX nfsd through the use of carefully crafted packets which cause XDR decoding errors. This can lead to kernel panicing the system. No local account or access to an NFS mount point is required, so this could be constructed as a remote exploit.

tags | advisory, remote, denial of service, kernel, local
systems | irix
advisories | CVE-2003-0576
SHA-256 | c8555a9a5b384e2c2b2c17225b0c097f292cea81bae358a367064a71388393f1
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close