what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

Files from Frank Denis

Email addressj at pureftpd.org
First Active2002-07-03
Last Active2014-10-02
Pure-FTPd External Authentication Bash Environment Variable Code Injection
Posted Oct 2, 2014
Authored by Frank Denis, Spencer McIntyre, Stephane Chazelas | Site metasploit.com

This Metasploit module exploits the code injection flaw known as shellshock which leverages specially crafted environment variables in Bash. This exploit specifically targets Pure-FTPd when configured to use an external program for authentication.

tags | exploit, bash
advisories | CVE-2014-6271
SHA-256 | d1353f15ae7ed9aea8cd6b1644f5fbeada6291338684996bc3b3a388a0f3b2ec
kitchenaid.txt
Posted Oct 13, 2004
Authored by Frank Denis

This one is serious.. smoothie makers beware. There's a race condition in KitchenAid blenders that can trigger a denial of service. The device will require a physical shutdown in order to work again. Full details of exploitation provided.

tags | advisory, denial of service
SHA-256 | 99035039e64067b952af58f3209809e892647771d9123ba06bedf99a51bf960c
BrocadeDoS.txt
Posted Sep 9, 2004
Authored by Frank Denis

Brocase switches can be frozen with a few specially crafted TCP packets. The IP stack becomes unresponsive and remote administration becomes impossible. This attack does not require any authentication and there is no trace in any log file. Versions affected: All Brocade fiber channel switches running pre-3.2 code including Silkworm 3800, Silkworm 3200 and Silkworm 2800.

tags | advisory, remote, tcp
SHA-256 | fd5b1fd96268eb5f48f6af03f5007c9d70d0e73120ab7db2b96f8616abeb1a8e
engenioLSI.txt
Posted Sep 9, 2004
Authored by Frank Denis

Storagetek and IBM FastT controllers can be frozen with a few specially crafted TCP packets. The IP stack becomes unresponsive and administration through Santricity/IBM Storage Manager becomes impossible. Under some circumstances, unrecoverable corruption of the stored data will happen. This attack doesn't require any authentication and there is no trace in any log file. The controllers are vulnerable even at installation-time.

tags | advisory, tcp
SHA-256 | 9f0a33dcfdb49b6eae3cc05e488bd9881a47508833daf81f508815df58c6fc70
mnoGoSearch0215.txt
Posted Feb 16, 2004
Authored by Frank Denis

mnoGoSearch versions 3.2.13-15 are vulnerable to a buffer overflow attack when a large document is indexed.

tags | advisory, overflow
SHA-256 | b81572f8e5896c50b3258ba30d2a396e68c049ce518ef8b86832bea9d0ef61b5
webjavablam.txt
Posted Oct 3, 2003
Authored by Frank Denis

Multiple web-based mail systems, when browsed through Internet Explorer, may allow for arbitrary Javascript execution.

tags | advisory, web, arbitrary, javascript
SHA-256 | a34a778bae5158f0d6f80286e755627144609ff52df498c4a83f33efc899ac8d
mysqlpriv.txt
Posted Sep 13, 2003
Authored by Frank Denis | Site secunia.com

Secunia Research Advisory - A vulnerability in MySQL version 4.0.14 and below, due to a boundary error when checking passwords before hashing and storing them in the User table, can be exploited by malicious users to escalate their privileges via supplying a value longer than 16 characters using set password.

tags | advisory
SHA-256 | b38050cc8622e8b30bee6fe74ad079fbb83abe828e36d3b629f1c530345f520d
mod_ssl_off_by_one.txt
Posted Jul 3, 2002
Authored by Frank Denis

An off-by-one overflow in Apache mod_ssl v2.4.9 and below can be used to by local users to execute code with the privileges of the web server.

tags | web, overflow, local
SHA-256 | bc874d50af7de42b9e7892022426567f87b4cec80e88a6470ac08c1097e61b27
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close