exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Karol Wiesek

Email addresskarol at wiesek.pl
First Active2002-11-01
Last Active2009-08-07
iDEFENSE Security Advisory 2009-08-04.2
Posted Aug 7, 2009
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDefense Security Advisory 08.04.09 - Local exploitation of an arbitrary file creation vulnerability in IBM Corp.'s Advanced Interactive eXecutive (AIX) Operating System allows attackers to execute arbitrary code with super-user privileges. iDefense has confirmed the existence of this vulnerability in IBM Corp.'s AIX version 5.3. Other versions may also be affected.

tags | advisory, arbitrary, local
systems | aix
SHA-256 | c2f93a0a5ddb535bfba9a73e58921b94de4aee8dfa76f6dbea11cf4494f746d2
panda.tgz
Posted Jul 10, 2008
Authored by Karol Wiesek | Site karol.wiesek.pl

Two vulnerabilities exist in the update function for Panda Security ActiveScan version 2.0. Remote buffer overflow exploit included.

tags | exploit, remote, overflow, vulnerability
SHA-256 | fc8c8168cc278ad654aef72bed59d187fe305f76fbd2789031b91d1ca2a0d26a
lesstif-advisory.pdf
Posted Aug 18, 2006
Authored by Karol Wiesek | Site karol.wiesek.pl

Lesstif local root exploit for Mandrake Linux 2006 that makes use of the mtink binary which is setuid by default.

tags | exploit, local, root
systems | linux, mandrake
SHA-256 | 93c5c74660c45a18ce6ccea75249edf597881501453e35ba6adbd416614392f7
vixie_crontab_readfiles-exploit_and_advisory.txt
Posted Apr 17, 2005
Authored by Karol Wiesek

Vixie crontab allows reading other user's crontabs. Tested on FC3 with vixie-cron-4.1-24_FC3.

tags | exploit
SHA-256 | 721b09218f838494b039e5a6cb4abd8c36023e6855c5829a54d5b50649c0b03f
iDEFENSE Security Advisory 2005-02-07.t
Posted Feb 23, 2005
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 02.07.05 - Remote exploitation of a command injection vulnerability in the Squirrelmail S/MIME plugin allows web mail users to execute arbitrary commands with the privileges of the web server.

tags | advisory, remote, web, arbitrary
SHA-256 | 35671328df6ad7b30df6bdca6e66a1bb2b1ad41710b19633efa94975faefefa3
nwclient.txt
Posted Dec 11, 2004
Authored by Karol Wiesek

Buffer overflows have been discovered in ncplogin and ncpmap in ncpfs.

tags | advisory, overflow
SHA-256 | c294b3360b3ddff9fac26764f6fdbeaf48fbc3a3c0cf6921df14103682138576
iDEFENSE Security Advisory 2004-11-15.t
Posted Nov 20, 2004
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 11.15.04 - Multiple vulnerabilities have been found in Fcron 2.0.1 and 2.9.4. Local exploitation of vulnerabilities in the fcronsighup component of Fcron may allow users to view the contents of root owned files, bypass access restrictions, and remove arbitrary files or create arbitrary empty files.

tags | advisory, arbitrary, local, root, vulnerability
advisories | CVE-2004-1030, CVE-2004-1031, CVE-2004-1032, CVE-2004-1033
SHA-256 | 1e3a7a297e5c9cf6eef481188a172658e3a5fce82dfb0d82a7bcfd0ddfb53772
iDEFENSE Security Advisory 2004-11-08.t
Posted Nov 10, 2004
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 11.08.04 - Remote exploitation of an input validation error in Samba could allow an attacker to consume system resources and potentially cause the target system to crash.

tags | advisory, remote
advisories | CVE-2004-0930
SHA-256 | 131548f64663e091c700d9c86eed756350dffa82c05ce5da3dfe0dec012e41a5
cpanelChmod.txt
Posted Oct 26, 2004
Authored by Karol Wiesek

cPanel 9.4.1 allows logged in users to change permission of any file to 755.

tags | advisory
SHA-256 | 2dbd2ffc962d08b971f885ce0649ce6e7308777ab6e9b6843abb9792970232ac
cpanelChown.txt
Posted Oct 26, 2004
Authored by Karol Wiesek

cPanel 9.4.1 allows logged in users the ability to change ownership of any file to their uid:gid.

tags | advisory
SHA-256 | f2a62268ae0d95df13b67e1ba2aaa36b4ea8a6260de6349f34fa4b680d8793f5
cpanelBackup.txt
Posted Oct 26, 2004
Authored by Karol Wiesek

cPanel 9.4.1 is susceptible to a classic symbolic link attack.

tags | advisory
SHA-256 | 9d09c284862856b892c22b1f28f3233bec231367ca526c5480075e9ddc323a21
samba22x.txt
Posted Oct 7, 2004
Authored by Karol Wiesek | Site samba.org

Samba versions 2.2.11 and below and versions below and equal to 3.0.5 allow a remote attacker that ability to gain access to files that exist outside of the share's defined path. Such files must still be readable by the account used for the connection.

tags | advisory, remote
SHA-256 | 4f9156f25d9d86303f9556eb907601a2fdfd174787601f7b6045e7dc7b476a98
iDEFENSE Security Advisory 2004-05-12.t
Posted May 13, 2004
Authored by Karol Wiesek, iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 05.12.04: Exploitation of an input validation vulnerability within Opera Software ASA.'s Opera Web Browser could allow remote attackers to create or truncate arbitrary files. The problem specifically exists within the telnet URI handler. Opera does not check for '-' at the beginning of hostname passed through the handler, which lets options pass to the telnet program, allowing file creation or overwriting.

tags | advisory, remote, web, arbitrary
SHA-256 | 88a3986f22d8cc48d56d3b3bad13399d7e191cf92cee76f2c337819dcbe15f61
iDEFENSE Security Advisory 2003-06-16.t
Posted Jun 17, 2003
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 06.16.03: The pam_wheel module of Linux-PAM uses getlogin() in an insecure manner, thereby allowing attackers to bypass certain restrictions. The pam_wheel module is often used with the su command to allow users belonging to a trusted group to utilize the command without supplying a password. The module utilizes the getlogin() function to determine the name of the currently logged in user. This name is then compared against a list of members of a trusted group as specified in the configuration file. If the trust option is enabled in the pam_wheel configuration file and the use_uid option is disabled, any local user may spoof the username returned by getlogin() and gain access to a super-user account without supplying a password.

tags | exploit, local, spoof
systems | linux
SHA-256 | c65f3b99c2e44aca0273c3c270501fa89200aeeec261693c53ac01a45de16c3e
iDEFENSE Security Advisory 2003-01-21.t
Posted Jan 23, 2003
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package. Three vulnerabilities exist, the worst of which allows local root compromise. Overflows in the mtink and escputil binaries, which are set group id sys, allow an attacker to gain sys group privileges. A race condition in the ml85p binary, which is set user id root, allows an attacker to create a file with super user privileges.

tags | advisory, overflow, local, root, vulnerability
systems | linux, mandrake
SHA-256 | 7176f37ea45e1920e9e214222d1b7446b1bb27eb36daf186f9b7edeb3b38a417
idefense.prometheus.txt
Posted Nov 1, 2002
Authored by David Endler, Karol Wiesek | Site idefense.com

iDEFENSE Security Advisory 10.31.2002b - Prometheus v6.0 and below is a web application framework written in PHP which allows remote attackers to execute arbitrary commands.

tags | remote, web, arbitrary, php
SHA-256 | 8a9f3b109a813e90ba5162e210fa2e3db32c9299a4328fbb8c040f64e6b82ff2
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close