exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files from Ben Williams

First Active2000-12-06
Last Active2012-12-01
Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery
Posted Dec 1, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | dc05d05741d0032ca22015833dc4041ed1ca3c2d65c591c24b1938667377ebc9
Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
Posted Dec 1, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an authenticated arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | 02e19ca0a225fdcd1f0c1e586751901daa77b8a2d4f8ed03598a1e686d6ea790
Symantec Messaging Gateway Backdoor / Privilege Escalation
Posted Nov 30, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2007-4573, CVE-2008-0009, CVE-2008-4210, CVE-2009-1046, CVE-2009-1337, CVE-2009-2692, CVE-2009-3547, CVE-2010-1146, CVE-2010-2959, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3904, CVE-2010-4073, CVE-2010-4258, CVE-2010-4347
SHA-256 | 0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Symantec Messaging Gateway 9.5.3-3 Cross Site Scripting
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an out-of-band stored cross site scripting vulnerability via email. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, xss
SHA-256 | efc556b14d7eaaab1ee4e073431e2ec92e2cb39a2d25ac6dc8ece93acb4541eb
Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an authenticated arbitrary file download vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, arbitrary
SHA-256 | 25af61338564cb5ac5945690d75e3ef01177fd3439ed35b0b88b7b650a1c8240
Symantec Messaging Gateway 9.5.3-3 Unauthorized SSH Access
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthorized ssh access vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory
SHA-256 | c0fb665289612f001a3b0b55edd4149f5142e0dc932b0d8e4991ffd2e0c26fc2
Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, csrf
SHA-256 | 378f303f72289da19ddbd813812ef932bf32812e90d735f95783481de4d04b58
Symantec Messaging Gateway 9.5.3-3 Disclosure
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthenticated detailed version disclosure vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory
SHA-256 | bbb4709841e4fe0d02dc171408f915bd1b98a01e969446b1da6b82f3608fa832
Symantec Messaging Gateway 9.5 Default SSH Password
Posted Sep 6, 2012
Authored by Ben Williams, sinn3r, Stefan Viehboeck | Site metasploit.com

This Metasploit module exploits a default misconfiguration flaw on Symantec Messaging Gateway. The 'support' user has a known default password, which can be used to login to the SSH service, and gain privileged access from remote.

tags | exploit, remote
advisories | CVE-2012-3579, OSVDB-85028
SHA-256 | a43d27bd69dd1a7e1c0fff3b8a4a24b14573fc751ae1415faf70bc5354e57f89
Websense (Triton 7.6) Stored Cross Site Scripting
Posted May 2, 2012
Authored by Ben Williams | Site ngssoftware.com

Websense (Triton version 7.6) suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d95e2e527117d8f43289052a25656bb74a06860ac147a2a7878d7156ade95f33
Websense (Triton 7.6) Remote Command Execution
Posted May 2, 2012
Authored by Ben Williams | Site ngssoftware.com

Websense (Triton version 7.6) suffers from an unauthenticated remote command execution vulnerability as SYSTEM.

tags | exploit, remote
SHA-256 | f645a7caf1ec5fabb47c1071d27be9fb15b3446fd7b8739afcce59b8eb6a2056
Websense (Triton 7.6) Authentication Bypass
Posted May 2, 2012
Authored by Ben Williams | Site ngssoftware.com

Websense (Triton version 7.6) suffers from an authentication bypass vulnerability in the report management UI.

tags | exploit, bypass
SHA-256 | 6fdbe0556ac78b82f68cc8e77d4e00ba2b5d67d1b4691aa50a420a994e7628a0
Websense (Triton 7.6) Cross Site Scripting
Posted May 2, 2012
Authored by Ben Williams | Site ngssoftware.com

Websense (Triton version 7.6) suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 10ab91a8b28cfcb833d0dc22c278141f128e41c597a2bb2b7d79e811fab369ad
McAfee Email And Web Security Appliance File Download
Posted Mar 30, 2012
Authored by Ben Williams | Site ngssoftware.com

McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a file download vulnerability.

tags | advisory, web
SHA-256 | 541d487c0fd9f602725c99856fa3e3627cd412b773bb200ff86822d291aee585
McAfee Email And Web Security Appliance Password Hash
Posted Mar 30, 2012
Authored by Ben Williams | Site ngssoftware.com

McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a password cracking vulnerability.

tags | advisory, web
SHA-256 | 83b1fca33c08846e197daa065fc717ff51f5a94766c6b9b25ceeac7ca984be29
McAfee Email And Web Security Appliance Token Disclosure
Posted Mar 30, 2012
Authored by Ben Williams | Site ngssoftware.com

McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a token disclosure vulnerability.

tags | advisory, web
SHA-256 | 5e6128752681e8d4144799b7dd87140151481f96ddb6ba769da110dd68f46272
McAfee Email And Web Security Appliance Access Bypass
Posted Mar 30, 2012
Authored by Ben Williams | Site ngssoftware.com

McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from an access bypass vulnerability.

tags | advisory, web, bypass
SHA-256 | 38b9c98ba1910b6ae86c52cbb72d534f1960caf1fa1e8484b1a424503d4d3a2b
McAfee Email And Web Security Appliance Session Hijacking
Posted Mar 29, 2012
Authored by Ben Williams | Site ngssoftware.com

McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a session hijacking vulnerability.

tags | advisory, web
SHA-256 | ea917b03e7a1554b15684bdf3c879c93ffadab2739f8cdd41c0e98cfd264ec09
McAfee Email And Web Security Appliance Cross Site Scripting
Posted Mar 29, 2012
Authored by Ben Williams | Site ngssoftware.com

McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a cross site scripting vulnerability.

tags | advisory, web, xss
SHA-256 | 0c1840f7a89acaf990fbe44ab43b5a65bc48fca9f572401830ddd523cc72dcde
SIP Username Enumerator For Asterisk
Posted Dec 23, 2011
Authored by Ben Williams

This Metasploit module exploits a SIP username enumeration vulnerability in Asterisk. Performs a REGISTER scan for numeric peer usernames having a nat setting different to global sip nat setting. Works even when alwaysauthreject=yes. For this exploit to work, the source port cannot be 5060.

tags | exploit
advisories | CVE-2011-4597
SHA-256 | 54da0d99e312b44be212dc5220e9ea0fef3a31a1f8a4b91a6f8f48f53c53ca09
Websense Triton 7.6 Stored Cross Site Scripting
Posted Dec 15, 2011
Authored by Ben Williams | Site ngssoftware.com

Various Websense products suffer from a stored cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | bbf08900d088b14d88e0a2bf6321e7fe7ce0f120eeab7eab72fd4e100ce42413
Websense Triton Command Execution
Posted Dec 15, 2011
Authored by Ben Williams | Site ngssoftware.com

Various Websense products suffer from unauthenticated remote command execution vulnerability.

tags | advisory, remote
SHA-256 | e549a2fbd318fe2dbdfb412e12109360d21400f9c2d218e825b732d8f8e02e51
Websense Triton Cross Site Scripting
Posted Dec 15, 2011
Authored by Ben Williams | Site ngssoftware.com

Various Websense products suffer from a reflective cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | ece90c79ca2a7739685ff63342d4b3f531e7efa8593f4912807b6aca78ab5854
Websense Triton Authentication Bypass
Posted Dec 15, 2011
Authored by Ben Williams | Site ngssoftware.com

Various Websense products suffer from an authentication bypass vulnerability.

tags | advisory, bypass
SHA-256 | 2dc97d1c90a801c209072e2d488749516a0b6c66f1c93d5a035c0c47c908670f
xlockfmt.c
Posted Dec 6, 2000
Authored by Ben Williams

Xlock local format string exploit for Linux/x86. Tested on Slackware 7.1 and Redhat 6.2.

tags | exploit, x86, local
systems | linux, redhat, slackware
SHA-256 | 4d145844ebe8a37d22c403be58bb4a6d5b30eb6341926262952994da081a236f
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close