exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

Files from Frank Denis

Email addressj at pureftpd.org
First Active2002-07-03
Last Active2014-10-02
Pure-FTPd External Authentication Bash Environment Variable Code Injection
Posted Oct 2, 2014
Authored by Frank Denis, Spencer McIntyre, Stephane Chazelas | Site metasploit.com

This Metasploit module exploits the code injection flaw known as shellshock which leverages specially crafted environment variables in Bash. This exploit specifically targets Pure-FTPd when configured to use an external program for authentication.

tags | exploit, bash
advisories | CVE-2014-6271
MD5 | 1509d16ef5a69d2e95b0b3996782eef8
kitchenaid.txt
Posted Oct 13, 2004
Authored by Frank Denis

This one is serious.. smoothie makers beware. There's a race condition in KitchenAid blenders that can trigger a denial of service. The device will require a physical shutdown in order to work again. Full details of exploitation provided.

tags | advisory, denial of service
MD5 | b2ab637956d355d4e3444f0576c36615
BrocadeDoS.txt
Posted Sep 9, 2004
Authored by Frank Denis

Brocase switches can be frozen with a few specially crafted TCP packets. The IP stack becomes unresponsive and remote administration becomes impossible. This attack does not require any authentication and there is no trace in any log file. Versions affected: All Brocade fiber channel switches running pre-3.2 code including Silkworm 3800, Silkworm 3200 and Silkworm 2800.

tags | advisory, remote, tcp
MD5 | d2681304485cb00bffdfd443a6ddf27a
engenioLSI.txt
Posted Sep 9, 2004
Authored by Frank Denis

Storagetek and IBM FastT controllers can be frozen with a few specially crafted TCP packets. The IP stack becomes unresponsive and administration through Santricity/IBM Storage Manager becomes impossible. Under some circumstances, unrecoverable corruption of the stored data will happen. This attack doesn't require any authentication and there is no trace in any log file. The controllers are vulnerable even at installation-time.

tags | advisory, tcp
MD5 | 2ed30b932c253febc928b0a5173bd781
mnoGoSearch0215.txt
Posted Feb 16, 2004
Authored by Frank Denis

mnoGoSearch versions 3.2.13-15 are vulnerable to a buffer overflow attack when a large document is indexed.

tags | advisory, overflow
MD5 | fd3a2099347691ac608293bbe7a1ad85
webjavablam.txt
Posted Oct 3, 2003
Authored by Frank Denis

Multiple web-based mail systems, when browsed through Internet Explorer, may allow for arbitrary Javascript execution.

tags | advisory, web, arbitrary, javascript
MD5 | f43881251d720373469aeb2a23b33b2f
mysqlpriv.txt
Posted Sep 13, 2003
Authored by Frank Denis | Site secunia.com

Secunia Research Advisory - A vulnerability in MySQL version 4.0.14 and below, due to a boundary error when checking passwords before hashing and storing them in the User table, can be exploited by malicious users to escalate their privileges via supplying a value longer than 16 characters using set password.

tags | advisory
MD5 | e7f100b3982c843c5892e2563a9acfe2
mod_ssl_off_by_one.txt
Posted Jul 3, 2002
Authored by Frank Denis

An off-by-one overflow in Apache mod_ssl v2.4.9 and below can be used to by local users to execute code with the privileges of the web server.

tags | web, overflow, local
MD5 | 71b2a1d5ee8d97e347d33c4a6f7aeaab
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close