
Files from Dennis Rand

Email address: rand at csis.dk
First Active: 2003-01-27
Last Active: 2008-06-04
CSIS-RI-0003.pdf
Posted Jun 4, 2008
Authored by Dennis Rand | Site csis.dk

The HP Online Support Service ActiveX control, also known as HPISDataManager.dll, suffers from eight vulnerabilities. Five of them allow for arbitrary code execution. Proof of concept code included. It only took Hewlett Packard 207 days to fix this!

tags | exploit, arbitrary, vulnerability, code execution, activex, proof of concept
advisories | CVE-2008-0952, CVE-2007-5604, CVE-2007-5605, CVE-2007-5606, CVE-2007-5607, CVE-2007-5608, CVE-2008-0953, CVE-2007-5610
SHA-256 | 1b188660e4a25d66cc3fa31a4fc24596dfd706b01ebaa57dcf760e66e66ee2ef
Bluecoat-k9.pdf
Posted Jun 11, 2007
Authored by Dennis Rand | Site csis.dk

The CSIS Security Group has discovered a remotely exploitable arbitrary overwrite in the Blue Coat K9 Web Protection local Web configuration manager on 127.0.0.1 and port 2372. Proof of concept code included.

tags | exploit, remote, web, arbitrary, local, proof of concept
advisories | CVE-2007-1685
SHA-256 | e439314045cde33c572329189b2b1ffd2b2ad01710f7ebc5bf25c1343fad7ed2
GdiPlus.pdf
Posted Jun 7, 2007
Authored by Dennis Rand | Site csis.dk

The CSIS Security Group has discovered an "Integer division by zero" flaw in the GDI+ component of Windows XP. Exploitation of this flaw can result in a denial of service condition.

tags | advisory, denial of service
systems | windows
SHA-256 | 7980b62bbb2093953a906e97875be655482e9335939734e9bd72a508ae4ef66e
cirt-43-advisory.pdf
Posted May 6, 2006
Authored by Dennis Rand | Site cirt.dk

A vulnerability has been found in an ActiveX object distributed as part of TDC's Microsoft CSP suite. The vulnerability allows code execution on any client machine that has the component installed if the user navigates to an attacker-created website.

tags | advisory, code execution, activex
advisories | CVE-2006-1172
SHA-256 | 847b6f1785975209852c8dfc4b78281784289bedcbf591c04c106ea438f64495
cirt-41-advisory.pdf
Posted Jan 15, 2006
Authored by Dennis Rand | Site cirt.dk

Apple Quicktime is susceptible to a buffer overflow vulnerability during the handling of .JPG/.PICT files. This vulnerability affects Windows Quicktime versions 6.5.1, 7.0.3, and Mac OSX Quicktime version 7.0.3. Earlier versions are suspected vulnerable.

tags | advisory, overflow
systems | windows, apple
advisories | CVE-2005-2340
SHA-256 | b66634cd6d4fb2048a91ab2a67fdb0d970c66b96ecc12f1fe54e00032f40bff6
cirt-40-advisory.pdf
Posted Nov 3, 2005
Authored by Dennis Rand | Site cirt.dk

Whatsup Small Business 2004 is susceptible to a directory traversal attack. Exploitation details provided.

tags | exploit
SHA-256 | c98f702c5a3e9db935de9b30864367cd84f73883b72753bdf77073dc45b31e2f
cirt-39-advisory.pdf
Posted Oct 30, 2005
Authored by Dennis Rand | Site cirt.dk

The Novell ZENworks Patch Management Server version 6.0.0.52 is vulnerable to SQL injection attacks in the management console. Details provided.

tags | exploit, sql injection
SHA-256 | 433dd55fe01eda54cebd993ccd449398457f8bc1cc0d256a5b77221b267c9724
cirt-38-advisory.pdf
Posted Oct 6, 2005
Authored by Dennis Rand | Site cirt.dk

CIRT Advisory - The Windows XP tftp.exe software is vulnerable to a local heap-based overflow that can allow for arbitrary command execution.

tags | advisory, overflow, arbitrary, local
systems | windows
SHA-256 | a8b7da25ca4b7658dd50dc3b1893ee3edc740f50149d2a1c34212bde7393a12b
cirt-37-advisory.pdf
Posted Sep 22, 2005
Authored by Dennis Rand | Site cirt.dk

TAC Vista version 3.0 is susceptible to a directory traversal vulnerability. Exploitation details provided.

tags | exploit
SHA-256 | 37ff2096e720eb5aa6bfe97bfabd2f99ed6f563e8ec52370138ea2234ca0b250
cirt-36-advisory.pdf
Posted Sep 13, 2005
Authored by Dennis Rand | Site cirt.dk

CIRT Advisory - Ipswitch Whatsup Small Business 2004 suffers from a source code disclosure flaw.

tags | advisory
SHA-256 | 2a4a3eeff68c3411a3722811eefd0cd686d1571e0dc6357ac69038b0d5b0f5d0
cirt-35-advisory.pdf
Posted Sep 13, 2005
Authored by Dennis Rand | Site cirt.dk

CIRT Advisory - Ipswitch Whatsup Gold 8.04 is susceptible to a cross site scripting attack.

tags | advisory, xss
SHA-256 | 25c3c63923c1717774536bee62236cd9d948ab3e6e782fc3aa7fd852809595bd
cirt-34-advisory.pdf
Posted Sep 13, 2005
Authored by Dennis Rand | Site cirt.dk

CIRT Advisory - Ipswitch Whatsup Gold 8.04 suffers from a vulnerability where access is allowed to the source code of all files.

tags | advisory
SHA-256 | dee853136bfeb67555671bd11ba86523606228c30de1e0f44b322b931fc25069
cirt-27-advisory.pdf
Posted Jan 4, 2005
Authored by Dennis Rand | Site cirt.dk

The Macallan mail solution 4.0.6.8 (Build 786) contains several vulnerabilities allowing for web interface authentication bypass and denial of service.

tags | advisory, web, denial of service, vulnerability
SHA-256 | eba6ebe05afca905adfe01028c39883dfb61c6ad5ac934ef188cae4f97e9452a
MDaemon.txt
Posted Jul 14, 2003
Authored by Dennis Rand | Site Infowarfare.dk

A buffer overflow has been discovered in the IMAP4rev1 MDaemon v6.7.9 and below that can allow malicious users to remotely crash the application and execute code with SYSTEM privileges.

tags | advisory, overflow, code execution
SHA-256 | abf6ce1c4d9bf7f8ca7fe731e42afda03ebc4f4ddfc1cbcedb749995121a265c
cmail-vuln.txt
Posted May 12, 2003
Authored by Dennis Rand | Site Infowarfare.dk

A buffer overflow exists in the ESMTP CMailServer 4.0.2002.11.24 SMTP Service, resulting in a denial of service attack. It is possible to overwrite the exception handler on the stack allowing a system compromise with code execution running as SYSTEM.

tags | advisory, denial of service, overflow, code execution
SHA-256 | 5b6c7e29cda4b4895c96fe3a992e7e4f08e616bb0355e42816d8f3195bf180b9
FTGatePro.txt
Posted May 8, 2003
Authored by Dennis Rand | Site Infowarfare.dk

Multiple buffer overflow vulnerabilities have been found in FTGate Pro Mail Server v. 1.22 (1328). The SMTP server for FTGate has unchecked buffers for the MAIL FROM and RCPT TO commands that allow a remote attacker to overwrite the stack pointer, which can lead to remote code execution.

tags | exploit, remote, overflow, vulnerability, code execution
SHA-256 | 95f83e228cdce2e2eb8f46c216a792e6251d913be395c5a856648d63f75cb23a
fws160.txt
Posted Mar 7, 2003
Authored by Dennis Rand | Site Infowarfare.dk

Forum Web Server v1.60 has multiple vulnerabilities including a directory traversal that can be used to get usernames and passwords for the server and a cross site scripting vulnerability during message replies.

tags | exploit, web, vulnerability, xss
SHA-256 | c66b4e90a5ebfd225573a6e8e31055827254f3feadb7378c9169997431bc15e7
ftp_banner.txt
Posted Feb 4, 2003
Authored by Dennis Rand | Site infowarfare.dk

Both the 32 FTP Client version p9.49.01 and ByteCatcher FTP Client V1.04b are susceptible to being crashed due to a large banner. Arbitrary code execution against the client may be possible.

tags | exploit, arbitrary, code execution
SHA-256 | dbd4fb324ffcac9ecb0d8c4f98982a0eb9e3c1f0b1ca20e8533d6773e2440c31
PlatinumFTP.txt
Posted Jan 27, 2003
Authored by Dennis Rand | Site infowarfare.dk

PlatinumFTPserver, the server engine that runs as an application on Windows 9x and a service under NT/2K/XP, has a directory traversal vulnerability that allows remote attackers to enter directories that reside outside the bounding FTP root directory. Another vulnerability allows an attacker to cause a denial of service against the server. Version affected: 1.0.7. Version unaffected: 1.0.8.

tags | exploit, remote, root
systems | windows
SHA-256 | c7ace983a16f1593ea028a5dac902b90df0c5d6b3660d969f8a1ce3ae3aa446e