what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Paul Szabo

Email addresspsz at maths.usyd.edu.au
First Active2000-12-22
Last Active2023-08-14
Qualys RSA Usage Issue
Posted Aug 14, 2023
Authored by Paul Szabo

Qualys scanners use the ssh-rsa algorithm for pubkey signing in its attempt of SSH login. Modern SSHD servers reject pubkey login with ssh-rsa, so Qualys is unable to scan up-to-date Linux e.g. Debian12 or RHEL9. Qualys does not check the list of pubkey signing algorithms accepted by SSHD servers, and therefore cannot notify about any insecure ones.

tags | advisory
systems | linux
SHA-256 | 9cc12364accc88c8da5dc14fcda696933b5a5d17343558cadfdb7480fa60e6fa
Netgear CG3000v2 Password Change Bypass
Posted Mar 16, 2016
Authored by Paul Szabo

The Netgear CG3000v2 cable modem fails to validate an admin's old password prior to changing to a new one. It also appears to suffer from cross site request forgery issues.

tags | exploit, bypass, csrf
SHA-256 | 60a9f0aaa0dd1bda3794476688930f7d44eef4e51d60f57a34808b39c96672ff
Utempter Fake Entry Manipulation
Posted Oct 6, 2012
Authored by Paul Szabo

Utempter allows for utmp manipulation that can deceive any software depending on it.

tags | exploit
SHA-256 | 158ebf754dd7aea0420f62e882dc07d1115a71b7b038eba49a746eceb19da362
Mathematica On Linux /tmp Vulnerability
Posted Apr 16, 2012
Authored by Paul Szabo

Mathematica on Linux uses the /tmp/MathLink directory in insecure ways that can allow for account takeover. The problem was made worse by later versions as the addendum states. As of 02/08/2013, the author has noted that this problem is still present in version 9.0.1. As of 08/27/2014, the author has noted that this problem is still present in version 10.0.0 for the GUI interface.

tags | exploit
systems | linux
SHA-256 | 7ededdbc15af7026dccd7b744315ba7216047ad69a2910c0587edbe99dab0843
Oracle fcgi-bin/echo Cross Site Scripting
Posted Mar 23, 2011
Authored by Paul Szabo

Oracle web server installations with fcgi-bin/echo suffer from a cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 876ccd422be21e22190e6a2ef52166aa0a13d89638cc8bd6d07d521630c33e6d
Oracle Echo Cross Site Scripting
Posted Oct 10, 2010
Authored by Paul Szabo

Oracle web server installations with fcgi-bin/echo suffer from a cross site scripting vulnerability.

tags | advisory, web, xss
SHA-256 | c15f625d234b659b83eff0e0187bb1b65a44f4a7f1400da4d1ac668d47f8f949
Mathematica Symlink Attack
Posted May 15, 2010
Authored by Paul Szabo

Mathematic7 on Linux suffers from a symlink attack vulnerability. Update for 2011-01-03 - Version 8 is also vulnerable.

tags | exploit
systems | linux
SHA-256 | ba1b34538e2340ce2f349c4b509a6cfecb9b3b2d190542148c53cc3ed5b20b2c
debian-symlink.txt
Posted Dec 1, 2008
Authored by Paul Szabo

Debian GNU/Linux symbolic link attack arbitrary file ownership proof of concept exploit.

tags | exploit, arbitrary, proof of concept
systems | linux, debian
SHA-256 | 01bb7b87168f7fc7ba6f2ba43602456a44d4690bdb889ce8106189f7ebf3740e
firefox-inherit.txt
Posted Dec 4, 2007
Authored by Paul Szabo | Site maths.usyd.edu.au

Firefox version 2.0.0.10 appears to inherit the charset of a parent page.

tags | advisory
SHA-256 | 724418cd6fb332b578ca7acd25889fd7dc4e96ce25b54811cc3f66a60a0db7d2
ls-setgid.txt
Posted Feb 24, 2007
Authored by Paul Szabo | Site maths.usyd.edu.au

It appears that /bin/ls has slipped into the linux-ftpd distribution for Debian as setgid 0. This could possibly be used to leverage root group access.

tags | advisory, root
systems | linux, debian
SHA-256 | 9a2c4c72d6921d08161dd1e56bc5e49f3512f537413ccb2c789a4aa74343f336
eudora62014.txt
Posted Nov 20, 2004
Authored by Paul Szabo

Eudora 6.2.14 for Windows that was just released is still susceptible to an attachment spoofing vulnerability. Working exploit included.

tags | exploit, spoof
systems | windows
SHA-256 | 40feffee7423a8d9403bc9b62c864111246e0808bd8068c7ab5f09b183a516b9
eudoraURL.txt
Posted May 9, 2004
Authored by Paul Szabo

Eudora for windows has a buffer overflow in versions 6.1, 6.0.3, and 5.2.1. Sample exploitation included.

tags | exploit, overflow
systems | windows
SHA-256 | e1c845825eb5408eef5c7fae221f1e6a0db42ab375456108da90f20b60b04384
eudora61.pl
Posted Apr 20, 2004
Authored by Paul Szabo

Eudora 6.1 still has attachment spoofing flaws along with a Nested MIME DoS vulnerability.

tags | exploit, denial of service, spoof
SHA-256 | d3024ea6787aa72ecd301f863e452c672b83f691a325455dd8c7f5b291042e9a
eudora603.pl
Posted Mar 19, 2004
Authored by Paul Szabo

Exploit that performs an attachment spoofing demo for Eudora versions 6.0.3 and below.

tags | exploit, spoof
SHA-256 | 0c214a6830a6b38f208d91c88ccce9d0df221e499a4b82c10d438246c122aa6b
launchprotect.pl
Posted Dec 3, 2003
Authored by Paul Szabo

Remote exploit for Eudora 6.0.1's (on Windows) LaunchProtect feature, which warns the user before running executable attachments. Unfortunately this only works in the attach folder; using spoofed attachments, executables stored elsewhere may run without warning.

tags | exploit, remote, spoof
systems | windows
SHA-256 | b80328406863d0be504957a92ac97cabca2db4fc69884a48e398d8e55f0a64d3
ksh.temp-hole.txt
Posted Dec 22, 2000
Authored by Paul Szabo

The Korn Shell (ksh) uses temp files in an insecure manner. Demonstration included.

tags | exploit, shell
SHA-256 | 46bf095b3af47f5a39cd2ce0d8c077e482095e3d43d2cc6b15980c73f2114313
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close