what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

Files from John Heasman

Email addressjohn at ngssoftware.com
First Active2004-06-14
Last Active2015-05-01
ElasticSearch Directory Traversal Proof Of Concept
Posted May 1, 2015
Authored by John Heasman, Pedro Andujar

ElasticPwn is a proof of concept exploit that demonstrates the directory traversal vulnerability in versions prior to 1.5.2 and 1.4.5.

tags | exploit, proof of concept
advisories | CVE-2015-3337
MD5 | e96503dbd5ce98ac55146844e8d7c6c6
Elasticsearch Directory Traversal
Posted Apr 27, 2015
Authored by John Heasman

All Elasticsearch versions prior to 1.5.2 and 1.4.5 are vulnerable to a directory traversal attack that allows an attacker to retrieve files from the server running Elasticsearch.

tags | advisory, file inclusion
advisories | CVE-2015-3337
MD5 | f939ca329010dfeccb6cc9f41be33801
NGS-SNMPc.txt
Posted May 1, 2008
Authored by John Heasman, Wade Alcorn | Site ngssoftware.com

Wade Alcorn and John Heasman of NGSSoftware have discovered a stack overflow vulnerability in Castle Rock Computing SNMPc Network Manager. Versions 7.1 and below are affected.

tags | advisory, overflow
MD5 | 16818ba4cc13453bab9e6d7c99b36067
NGS00419.txt
Posted Oct 30, 2007
Authored by John Heasman | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - It is possible to cause the Java Virtual Machine to overwrite an arbitrary memory location with an arbitrary value (repeatedly and in a stable manner) when parsing a malformed TrueType font. JDK and JRE versions 5.0 Update 9 and below as well as SDK and JRE versions 1.4.2_14 and below are affected.

tags | advisory, java, arbitrary
MD5 | c0cef6830fd8bb988ca43b15caf178dc
NGS00443.txt
Posted Oct 30, 2007
Authored by John Heasman | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - JDK and JRE versions 6 Update 1 and below, 5.0 Update 11 and below, and SDK and JRE versions 1.4.2_14 and below contain a vulnerability that allows an untrusted applet to violate the network access restrictions placed on it by the Java sandbox.

tags | advisory, java
MD5 | 294b79541b86bde15e4205357ff9f957
realplayer-heap.txt
Posted Oct 29, 2007
Authored by John Heasman | Site ngssoftware.com

All versions of RealPlayer 10 and some builds of RealPlayer 10.5 suffer from a heap overflow in the ID3 tag parsing code.

tags | advisory, overflow
MD5 | 3f95c0eb6dbfcedfad035ee38be0fe1e
NGS-java.txt
Posted Jul 3, 2007
Authored by John Heasman | Site ngssoftware.com

NGSSoftware has discovered a high risk vulnerability in Sun Microsystem's Java Web Start that ships with the JRE and JDK on Windows platforms. The vulnerability affects Java Web Start in JDK and JRE 5.0 Update 11 and earlier versions and Java Web Start in SDK and JRE 1.4.2_13 and earlier versions.

tags | advisory, java, web
systems | windows
MD5 | d95b26009be58db3165d46d2da6486ff
rtf-office.txt
Posted Jun 14, 2007
Authored by John Heasman | Site ngssoftware.com

John Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of RTF documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2.1. If an attacker can coax a user into opening a specially crafted RTF document then the attacker can execute arbitrary code in the security context of their victim.

tags | advisory, arbitrary
MD5 | 441625f8c894ccf28e88b1f84926d095
NGS-openoffice.txt
Posted Apr 5, 2007
Authored by John Heasman | Site ngssoftware.com

A stack overflow affects all versions of OpenOffice prior to 2.2. The flaw exists in the handling of StarCalc documents within OpenOffice.

tags | advisory, overflow
MD5 | 4cb88b7692996bad6ef684a86fef7deb
NGS00401.txt
Posted Feb 1, 2007
Authored by Mark Litchfield, John Heasman | Site ngssoftware.com

BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote resource exhaustion vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause LGSERVER.EXE to write very large files to the system disk. In addition, the LGSERVER.EXE process becomes unresponsive until the file has been written.

tags | advisory, remote, tcp
MD5 | f96044c51bcb9897bf083cf6eebbb52b
ngs-openoffice.txt
Posted Jan 5, 2007
Authored by John Heasman | Site ngssoftware.com

Three heap overflows have been discovered in OpenOffice versions below 2.1.0 and StarOffice 6, 7 and 8. If an attacker can coax a user into opening a specially crafted document then the attacker can execute arbitrary code in the security context of their victim.

tags | advisory, overflow, arbitrary
MD5 | d57f283a83a2b118789d23e98b0062fd
Implementing_And_Detecting_A_PCI_Rootkit.pdf
Posted Nov 18, 2006
Authored by John Heasman | Site ngssoftware.com

Whitepaper entitled "Implementing and Detecting a PCI Rootkit". This paper discusses means of persisting a rootkit on a PCI device containing a flashable expansion ROM.

tags | paper
MD5 | 7084bf1c02b55654aea3de77ef71ed9b
netddefull.txt
Posted Jan 25, 2005
Authored by John Heasman | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in the Microsoft NetDDE service which can allow a remote attacker to execute arbitrary code on a system without authentication. This vulnerability can also be used by any low privileged local user to gain Local System privileges. Systems Affected: Microsoft Windows NT/2000/XP/2003 Server.

tags | advisory, remote, arbitrary, local
systems | windows, nt
MD5 | b98637936b789d69ec478577391492ad
real-03full.txt
Posted Jan 22, 2005
Authored by John Heasman | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - Two vulnerabilities have been discovered in RealPlayer which may potentially be leveraged to allow remote code execution, or may used in combination with the Real Metadata Package File Deletion vulnerability to reliably delete files from a users system. RealPlayer 10.5 (6.0.12.1040) and older versions are affected.

tags | advisory, remote, vulnerability, code execution
MD5 | a62a355cabf73b172ee95abac18d9ff9
real-02full.txt
Posted Jan 22, 2005
Authored by John Heasman | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in RealPlayer which can allow an attacker to delete arbitrary files from a users system through a specially crafted webpage with little user interaction. RealPlayer 10.5 (6.0.12.1040) and older versions are affected.

tags | advisory, arbitrary
MD5 | 259331d714aca39c33993b490a62115b
real-01full.txt
Posted Jan 22, 2005
Authored by John Heasman | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in the RealPlayer ActiveX component which can allow remote code execution when visiting a specially crafted webpage or when opening a specially crafted skin file. RealPlayer 10.5 (6.0.12.1040) and older versions are affected.

tags | advisory, remote, code execution, activex
MD5 | 374eb50f50ea6fb8cff0a2b66a93ded5
heartbeatfull.txt
Posted Jan 22, 2005
Authored by John Heasman | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - A vulnerability has been discovered in the MSN Heartbeat ActiveX component which can allow remote code execution through Internet Explorer. This component is installed by some MSN gaming sites and is marked safe for scripting by default.

tags | advisory, remote, code execution, activex
MD5 | f6f6984a05f5fe2539672b364938d48b
athoc-01full.txt
Posted Jan 22, 2005
Authored by Mark Litchfield, John Heasman | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - Multiple vulnerabilities have been discovered in the AtHoc toolbar which can allow remote code execution through Internet Explorer when browsing to a specially crafted webpage.

tags | advisory, remote, vulnerability, code execution
MD5 | 62679db7da76b3863a3d74fff2664639
quicktime.txt
Posted Oct 28, 2004
Authored by John Heasman

A high risk vulnerability exists in Quicktime for Windows versions 6.5.2 and earlier.

tags | advisory
systems | windows
MD5 | d978934420addf9429ed881546cfc168
realplayer105.txt
Posted Oct 28, 2004
Authored by John Heasman

Realplayer 10.5 permits execution of arbitrary code via a malformed skin.

tags | advisory, arbitrary
MD5 | 74f922327a4f7f3c19e3b46ae38d0143
ms04-038.html
Posted Oct 24, 2004
Authored by Mitja Kolsek, John Heasman, Greg Jones | Site microsoft.com

Microsoft Security Advisory MS04-038 - Multiple Internet Explorer vulnerabilities have been patched by Microsoft. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.

tags | advisory, vulnerability
advisories | CVE-2004-0842, CVE-2004-0727, CVE-2004-0216, CVE-2004-0839, CVE-2004-0844, CVE-2004-0843, CVE-2004-0841, CVE-2004-0845
MD5 | fa0e1c35065f1d72138fac2cdb0a7cdd
realupdate.html
Posted Oct 7, 2004
Authored by Marc Maiffret, John Heasman | Site service.real.com

RealNetworks Inc. has recently been made aware of security vulnerabilities that could potentially allow an attacker to run arbitrary or malicious code on a user's machine. While they have not received reports of anyone actually being attacked with this exploit, all security vulnerabilities are taken very seriously by RealNetworks Inc. Real has found and fixed the problem.

tags | advisory, arbitrary, vulnerability
MD5 | 1b41f2dd3ee671debebc629d42fd4190
realra.txt
Posted Jun 14, 2004
Authored by John Heasman | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR11062004 - By crafting a malformed .RA, .RM, .RV or .RMJ file it possible to cause heap corruption that can lead to execution of arbitrary code. By forcing a browser or enticing a user to a website containing such a file, arbitrary attacker supplied code could be executed on the target machine. This code will run in the security context of the logged on user. Another attacker vector is via an e-mail attachment. NGSResearchers have created reliable exploits to take advantage of these issues. Versions affected are: RealOne Player (English), RealOne Player v2 (all languages), RealPlayer 10 (English, German and Japanese), RealPlayer 8 (all languages), RealPlayer Enterprise (all versions, standalone and as-configured by the RealPlayer Enterprise Manager).

tags | advisory, arbitrary
MD5 | 9b39749f4276503fbe10da621c33ba0b
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    4 Files
  • 13
    Jul 13th
    14 Files
  • 14
    Jul 14th
    17 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close