Twenty Year Anniversary
Showing 1 - 8 of 8 RSS Feed

Files from Joost Pol

Email addressjoost at pine.nl
First Active2002-03-07
Last Active2004-11-12
squirrelXSS.txt
Posted Nov 12, 2004
Authored by Joost Pol | Site squirrelmail.org

SquirrelMail versions 1.4.3a and below suffer from a cross site scripting issue in the decoding of encoded text in certain headers. It correctly decodes the specially crafted header, but does not sanitize the decoded strings.

tags | advisory, xss
MD5 | e2157d9b8a998aad296e8c1f503db370
pine-cert-20040201.txt
Posted Feb 4, 2004
Authored by Joost Pol | Site pine.nl

Pine Digital Security Advisory PINE-CERT-20040201 - The shmat(2) function has a flaw that allows local users to achieve escalated privileges. Vulnerable systems: FreeBSD versions 2.2.0 and greater, NetBSD versions 1.3 and greater, and OpenBSD versions 2.6 and greater.

tags | advisory, local
systems | netbsd, freebsd, openbsd
MD5 | 25db0c46af816ef1da53abd971ffd9e5
FreeBSD Security Advisory 2003.17
Posted Oct 3, 2003
Authored by The FreeBSD Project, Joost Pol | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:17.procfs - A malicious local user could arrange to use a negative or extremely large offset when reading from a procfs "file", causing a system crash, or causing the kernel to return a large portion of kernel memory.

tags | advisory, kernel, local
systems | freebsd
MD5 | e829d03032083302d95fbdcbe31c92a6
pine-cert-20030902.txt
Posted Oct 3, 2003
Authored by Joost Pol | Site pine.nl

Pine Digital Security Advisory PINE-CERT-20030902 - An integer overflow condition in all versions of FreeBSD could lead to disclosure of kernel memory.

tags | advisory, overflow, kernel
systems | freebsd
MD5 | f6467090f3c8c25f4143bebcf8bd9dc4
pine-cert-20030901.txt
Posted Oct 3, 2003
Authored by Joost Pol | Site pine.nl

Pine Digital Security Advisory PINE-CERT-20030901 - An integer overflow condition that is exploitable under FreeBSD versions 4.3 to present allows for a denial of service and/or privilege escalation.

tags | advisory, denial of service, overflow
systems | freebsd
MD5 | a75744b84a107cfb9a9f5f81ca214c17
FreeBSD Security Advisory 2003.16
Posted Oct 2, 2003
Authored by The FreeBSD Project, Joost Pol | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-03:16.filedesc - A programming error in the readv system call can result in the given file descriptor's reference count being erroneously incremented. A local attacker may cause the operating system to crash by repeatedly calling readv on a file descriptor until the reference count wraps to a negative value, and then calling close on that file descriptor. Similarly, it may be possible to cause a file descriptor to reference unallocated kernel memory, but remain valid. If a new file is later opened and the kernel allocates the new file structure at the same memory location, then an attacker may be able to gain read or write access to that file. This may in turn lead to privilege escalation. This affects releases 4.3-RELEASE through 4.8 RELEASE.

tags | advisory, kernel, local
systems | freebsd
MD5 | b9169c6f84155dd2cc80d396feea2cfb
pine-cert-20030101.txt.asc
Posted Jan 6, 2003
Authored by Joost Pol | Site pine.nl

Pine Digital Security Advisory PINE-CERT-20030101 - A local vulnerability has been found in the FreeBSD kernel which allows privilege escalation or denial of service by taking advantage of the socket file counter. FreeBSD 4.X after 20021111 has been fixed.

tags | advisory, denial of service, kernel, local
systems | freebsd
MD5 | f3524837f48eaa73a53fcc6ee5a1ba6e
pine-cert-20020301.txt
Posted Mar 7, 2002
Authored by Joost Pol | Site pine.nl

An off by one overflow has been discovered in the channel code of OpenSSH versions 2.0 - 3.0.2. Users with an existing user account can abuse this bug to gain root privileges. Exploitability without an existing user account has not been proven but is not considered impossible. A malicious ssh server could also use this bug to exploit a connecting vulnerable client. Fix available here.

tags | overflow, root
MD5 | ecdf956f5de7d031f0b926d0081f0a51
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close