what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files from 3APA3A

Email address3apa3a at security.nnov.ru
First Active2001-01-09
Last Active2007-03-09
msfilemanagement.txt
Posted Mar 9, 2007
Authored by 3APA3A | Site securityvulns.com

Article discussing file management security issues in Microsoft Windows Vista/2003/XP/2000.

tags | advisory
systems | windows
SHA-256 | af2416acea7784325eb7b5e5fd487071fe970b7a59fd3bfa82407217ee7559d8
spydir.c
Posted Feb 24, 2007
Authored by 3APA3A | Site securityvulns.com

Exploit that demonstrates the vulnerability in ReadDirectoryChangesW() for Microsoft Windows 2000/XP/2003/Vista.

tags | exploit
systems | windows
advisories | CVE-2007-0843
SHA-256 | 4478745e135e06387cd47d9eeaa660d45d71036448847dcdbc5d5e4abacc8449
readirchange.txt
Posted Feb 24, 2007
Authored by 3APA3A | Site securityvulns.com

ReadDirectoryChangesW() in Microsoft Windows 2000/XP/2003/Vista does not check a user's permissions for child objects, making it possible to retrieve information about objects that a user has no LIST permissions for.

tags | advisory
systems | windows
advisories | CVE-2007-0843
SHA-256 | 28c243a93150e7391b8dd5ee991fbdddfc48cde9df598f7cf90b32d70425b91a
year3000.txt
Posted Feb 13, 2007
Authored by 3APA3A | Site SecurityVulns.com

Microsoft Visual C++ version 8.0 suffers from a denial of service condition.

tags | advisory, denial of service
advisories | CVE-2007-0842
SHA-256 | f7fe00818ea85c70a2896433664c42f3b88ce3298aa19b8e8bdf63471623ff38
hpnnm750.txt
Posted Feb 13, 2007
Authored by 3APA3A

Hewlett-Packard Network Node Manager version 7.50 suffers from a weak file permission vulnerability.

tags | advisory
advisories | CVE-2007-0819
SHA-256 | 18e604d9ebe27727202f140e225b76db05ea8dd755422272552f40dd75b95143
mb-ms.txt
Posted Dec 27, 2006
Authored by 3APA3A

Microsoft Windows XP/2003/Vista suffers from a memory corruption flaw.

tags | advisory
systems | windows
SHA-256 | 705bd57347d0e6a7a932a0cbc5376bb71bc6bb86572f00fc641439dee19e2f8e
pandais.txt
Posted Sep 8, 2006
Authored by 3APA3A | Site security.nnov.ru

Panda Platinum Internet Security 2006/2007 suffers from multiple vulnerabilities. Insecure file permissions allow an unprivileged local user the ability to obtain system-level access or access to account of another logged on user. Insecure design of the spam filtering control engine allows remote attackers to control bayesian self learning spam filtering process using a malicious web page.

tags | advisory, remote, web, local, vulnerability
SHA-256 | 64bf6b4e76147fd07e6e28bffb2aa61bd8df71d79c186dd1e124d9eb55b2dbac
ICQ-xas.txt
Posted May 17, 2006
Authored by 3APA3A | Site security.nnov.ru

Under some conditions, the ICQ client is vulnerable to remote script injection into the My Computer Security Zone of the Internet Explorer component used to display advertisement banners.

tags | advisory, remote
SHA-256 | c1b734689902bb448560a2eb96f4343e17e937067a337cfa835e1a669561f972
thebatSpoof.txt
Posted Feb 8, 2006
Authored by 3APA3A | Site security.nnov.ru

The design flow in the way The Bat! 2.x displays messages allows attackers to spoof RFC 822 headers and more.

tags | exploit, spoof
SHA-256 | ad0f681bcad8c9274be2769c052fb5e6dbf1f003fec29f7f9f7f7d1023ba0bdc
SPIbad.txt
Posted Jul 28, 2005
Authored by 3APA3A

SPIDynamics WebInspect is susceptible to cross-application scripting attacks.

tags | advisory
SHA-256 | 1015978531e7b0bc37dd7eef03b9bb70913a12479637df33e68b9197fcf36a51
wininet.dll_unicode_overflow.txt
Posted Apr 20, 2005
Authored by 3APA3A | Site security.nnov.ru

The InternetCreateUrlW function of wininet.dll, a core component of Internet Explorer, is vulnerable to a buffer overflow attack when the source buffer is copied into the destination buffer using WideCharToMultiByte. In practice this is probably only useful for Denial of Service attacks (if that) and still requires some social-engineering to actually exploit this.

tags | advisory, denial of service, overflow
SHA-256 | ff53458ff1c02389c39168172c59ac6ab1cbb62bfdb0fc78469a4dc9190da6ca
fdset.txt
Posted Jan 25, 2005
Authored by 3APA3A | Site security.nnov.ru

Multiple applications that suffer from the fd_set overflow vulnerability can be exploited remotely.

tags | advisory, overflow
SHA-256 | 98b5664dadec4af4304274a5d8ca405f190f86ac380dc5aa853abbe0b1aeb28f
bypassArticle.txt
Posted Oct 28, 2004
Authored by 3APA3A, offtopic | Site security.nnov.ru

Presentation: Bypassing client application protection techniques with notepad.

tags | paper
SHA-256 | e4f987378606cf9b7a1349994610bfb96d53d4405cc8e13e837a7a2766319313
timesync.html
Posted Aug 20, 2004
Authored by 3APA3A | Site security.nnov.ru

White paper discussing the fact that many modern networks are extremely dependant on a centralized time resource and the negative aspects of a network not having one.

tags | paper
SHA-256 | 5002e772d9e24ac5abaeb58ec0059d55af71c592417b69d56aac8c3ecc92433d
security-nnov.kav.txt
Posted Feb 12, 2003
Authored by 3APA3A | Site security.nnov.ru

Kaspersky Antivirus (KAV) crashes when it tries access a path that has more the 256 characters. In addition to this vulnerability, a long path can be used to hide malware. Also, malware with specially crafted names are not detected by this anti-virus product. Tested on Kaspersky Antivirus 4.0.9.0.

tags | advisory, virus
SHA-256 | 6949810c13d2cba2796d0abbbae6962016128aba3acc695195bdaa032d0e85b3
security-nnov.far.txt
Posted Feb 12, 2003
Authored by 3APA3A | Site security.nnov.ru

It has been found that the Far file manager does not handle path names correctly. This can result in a buffer overflow condition that allows code execution. An example script to crash Far 1.70beta1 and 1.70beta4 is included. The Far developers (Rarlab) will fix this in version 1.70beta5.

tags | advisory, overflow, code execution
SHA-256 | 3c005022589cdd7f5a8b111e3c1376932e2a7aa5e26e42083ce66606bbf95efb
nbtstream.c
Posted May 21, 2001
Authored by 3APA3A | Site security.nnov.ru

Nbtstream.c is a NetBIOS session request flooder which exploits the bug discussed in MS00-091. Causes unpatched Windows machines to hang or crash.

tags | denial of service
systems | windows
SHA-256 | fcf420233e3df4916cfd60c2f95d68644e51e1aad9d9aa681177af92eecb8c2f
thebat.traverse.txt
Posted Jan 9, 2001
Authored by 3APA3A | Site security.nnov.ru

The Bat! v1.48f and below has a client side vulnerability which allows malicious mail messages to add any files in any directory on the disk where user stores his attachments.

tags | exploit
SHA-256 | 1adbf87e7851d5d7a9b23c17e6184b5d212a67dbc7d0715a21f84ca3f403a183
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close