exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 63 RSS Feed

Files from Tan Chew Keong

Email addresschewkeong at security.org.sg
First Active2004-06-18
Last Active2008-12-05
nullftp-inject.txt
Posted Dec 5, 2008
Authored by Tan Chew Keong | Site vuln.sg

NULL FTP Server version 1.1.0.7 suffers from a SITE parameter command injection vulnerability.

tags | exploit
SHA-256 | 1220731bf2a3fe71b2edbc3ce418e4000dde3fbbe7e1f74bdc460f8757dc7773
lotusnotes702-en.txt
Posted Oct 23, 2007
Authored by Tan Chew Keong | Site vuln.sg

Multiple exploitable buffer overflow vulnerabilities were found within the file attachment viewer in IBM Lotus Notes. The vulnerabilities can be exploited to execute arbitrary code by tricking the user to view a malicious DOC, SAM, WPD, or MIF file attachment using the file attachment viewer in Lotus Notes.

tags | advisory, overflow, arbitrary, vulnerability
SHA-256 | 890157468a36afba607e7e752659d2e88a1469381478ce7e639aee37185addbc
pagemaker-overflow.txt
Posted Oct 10, 2007
Authored by Tan Chew Keong | Site vuln.sg

Adobe Pagemaker versions 7.0.1 and 7.0.2 suffer from a buffer overflow vulnerability when handling long font names. Links to full advisory are provided however the author has removed the exploits related to the vulnerability.

tags | advisory, overflow
SHA-256 | 4d649063f056168db14f9bd0375f8e3ad886dc0ae43795c2a6b08c1fe0359a45
alpass27-en.txt
Posted Aug 24, 2007
Authored by Tan Chew Keong | Site vuln.sg

ESTsoft ALPass version 2.7 suffers from an arbitrary code execution vulnerability when importing a specially crafted DB file.

tags | advisory, arbitrary, code execution
SHA-256 | 3d5ae490155ac68d0915c131e84daf0b821b62fb6bcbacf8f68c10b82d9593b7
yenc32.txt
Posted May 15, 2007
Authored by Tan Chew Keong | Site vuln.sg

The yEnc32 Decoder version 1.0.7.207 suffers from a long filename buffer overflow vulnerability.

tags | advisory, overflow
SHA-256 | fd2f5f609a413073350206036e2b74dbbe63a7d1860e4bd7a03621009e4a808d
powarc964-en.txt
Posted Jan 5, 2007
Authored by Tan Chew Keong | Site vuln.sg

A vulnerability has been found in PowerArchiver version 9.64.02. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ISO file.

tags | advisory, arbitrary
SHA-256 | da5e65cc8102776bac81f3a6ae4e44c4ea8af05fbe201f50c1c1538e357739c3
isowincmd.txt
Posted Jan 2, 2007
Authored by Tan Chew Keong

A vulnerability has been found in iso_wincmd Total Commander Plugin. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ISO file. iso_wincmd version 1.7.3.3 (1.7.3 Beta 3) and version 1.6.10 have this vulnerability.

tags | advisory, arbitrary
SHA-256 | eea03011e2fd105c70b3f2997e5e0eab8234ea3a2525b4a52995ac75e09dcafe
CruiseWorks.txt
Posted Oct 27, 2006
Authored by Tan Chew Keong | Site vuln.sg

Two vulnerabilities have been found in CruiseWorks. When exploited, the vulnerabilities allow an authenticated user to retrieve arbitrary files accessible to the web server process and to execute arbitrary code with privileges of the IIS IUSR_MACHINE account.

tags | advisory, web, arbitrary, vulnerability
SHA-256 | 6ded8d2684f90a3812fd49e9f82867b5dc550992e640d71d72193a57d9bafc44
cybozuSQL.txt
Posted Aug 29, 2006
Authored by Tan Chew Keong | Site vuln.sg

Some SQL injection vulnerabilities have been found in Cybozu Garoon 2 version 2.1.0 for Windows. When exploited by a logged on user, the vulnerabilities allow for manipulation of SQL statements which can lead to disclosure of information from the database, or to cause the backend MySQL database to consume large amount of CPU resources.

tags | advisory, vulnerability, sql injection
systems | windows
SHA-256 | 94932244918f86ec9cbc3c1de3392a30b3dd4dfd9954868db3b6c5152b81423e
cybozuFile.txt
Posted Aug 29, 2006
Authored by Tan Chew Keong | Site vuln.sg

A vulnerability has been found in Cybozu Products. When exploited, the vulnerability allows an authenticated user to retrieve arbitrary files accessible to the web server process. Affected versions include Cybozu Office version 6.5 for Windows and Cybozu Share 360 version 2.5 for Windows.

tags | advisory, web, arbitrary
systems | windows
SHA-256 | f3ebb6efe8e8068de884bcd59e82c23a1e7ac1c7641cae14b0c9c9927cc4bb0c
coolmessenger.txt
Posted Aug 27, 2006
Authored by Tan Chew Keong | Site vuln.sg

A vulnerability has been found in Cool Messenger Office/School Server. When exploited, the vulnerability allows any people to logon to the messenger server as any user without requiring knowledge of any passwords.

tags | advisory
SHA-256 | 9fd837b7913663fe4e67231c162238ff62e76ec61010aa9b3dfd5b23060068e2
powerzip.txt
Posted Aug 27, 2006
Authored by Tan Chew Keong | Site vuln.sg

A vulnerability has been found in PowerZip version 7.06 build 3895. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ZIP archive.

tags | advisory, arbitrary
SHA-256 | 1095a9a0d27e136c86405542df69e9e2eb4624755051ce1675b03404e3fd3bb2
lhaplus.txt
Posted Aug 17, 2006
Authored by Tan Chew Keong | Site vuln.sg

LHAPlus version 1.52 suffers from a buffer overflow vulnerability.

tags | advisory, overflow
SHA-256 | b1b5d6fe35b827ddc39b6a46190e8a09fed246c2f7a88badeb89caad29dbe617
secunia-AutoVue.txt
Posted Jul 28, 2006
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in AutoVue SolidModel Professional Desktop Edition, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of ARJ, RAR, and ZIP archives. This can be exploited to cause a stack-based buffer overflow when a malicious archive containing a file with an overly long filename is opened. Successful exploitation allows execution of arbitrary code. AutoVue SolidModel Professional Desktop Edition version 19.1 Build 5993 is affected. Other versions may also be affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2006-3350
SHA-256 | e93adff3a8f625d54d58dc9486926383f88de6f10f23d5b6f9a008feef926f49
powerArchiver.txt
Posted Jul 28, 2006
Authored by Tan Chew Keong | Site vuln.sg

An arbitrary code execution vulnerability exists in PowerArchiver version 9.62.03.

tags | advisory, arbitrary, code execution
SHA-256 | be1c7f5acea357664b1372470353015f39b13264a61266b84630702156f1c79c
powarc962-en.txt
Posted Jul 26, 2006
Authored by Tan Chew Keong

A vulnerability has been found in PowerArchiver version 9.62.03 that allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | 5be398cc76407912583ce04d6d10e64b66f05d6b129c7068c34e6a5947ce19f0
agephone1381-en.txt
Posted Jul 26, 2006
Authored by Tan Chew Keong

A vulnerability has been found in AGEphone versions 1.24 and 1.38.1 that allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | 8f76c6205b8597e13c8c77f5fd93bf27e2587fa1af93d650aac528e988192a08
turbozip6-en.txt
Posted Jul 26, 2006
Authored by Tan Chew Keong

A vulnerability has been found in TurboZIP 6.0 that allows for arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | 463aafbe89aa1791e81c25bf9e6eceb69d145d3722f0a4e9e8d10d48e177b311
dynazip5007-en.txt
Posted Jul 26, 2006
Authored by Tan Chew Keong

Some vulnerabilities have been found in DynaZip DZIP32.DLL/DZIPS32.DLL that allow for arbitrary code execution. DynaZip Max version 5.0.0.7 and DynaZip Max Secure version 6.0.0.4 are affected.

tags | advisory, arbitrary, vulnerability, code execution
SHA-256 | 50aa225d27ea00eec762bd08537c3f1eb0108a7dee8512410379c0163bcb6564
secunia-IceWarp2.txt
Posted Jul 20, 2006
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered two vulnerabilities in IceWarp Web Mail, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and compromise a vulnerable system. Merak Mail Server version 8.3.8.r with IceWarp Web Mail 5.6.0 is affected.

tags | advisory, web, vulnerability
advisories | CVE-2006-0817, CVE-2006-0818
SHA-256 | ea34c0a33de7ac0c8a3533381aaf94e7d5a0210039b64aa97bdbafdab97a3e5d
secunia-Visnetic2.txt
Posted Jul 20, 2006
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered two vulnerabilities in Visnetic Mail Server, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and to compromise a vulnerable system. Visnetic Mail Server version 8.3.5 is affected.

tags | advisory, vulnerability
advisories | CVE-2006-0817, CVE-2006-0818
SHA-256 | d2398297f500288373c0f6859e9be8e326afb0527008903d4c171dd3f33601b2
secunia-zipinfo.txt
Posted Jun 15, 2006
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in PicoZip version 4.01, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "zipinfo.dll" info tip shell extension when reading a ACE, RAR, or ZIP archive that contains a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when the user moves the mouse cursor over a malicious archive either in Windows Explorer or from any program that uses the file-open dialog box. Successful exploitation allows arbitrary code execution.

tags | advisory, overflow, arbitrary, shell, code execution
systems | windows
advisories | CVE-2006-2909
SHA-256 | d020df17118c2708ed7b20a03b95d908f801e7b21c0521b16b3d114542da5705
secunia-CAM.txt
Posted May 22, 2006
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in CAM UnZip versions 4.0 and 4.3, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when listing the contents of a ZIP archive. This can be exploited to cause a stack-based buffer overflow when a malicious ZIP archive containing a file with an overly long filename is opened.

tags | advisory, overflow
advisories | CVE-2006-2161
SHA-256 | 15e13f5a99e65b3adbc306a4ea2fa32d802e0121972b3078e9f2fecd56fb97b1
secunia-Abakt.txt
Posted May 22, 2006
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in Abakt, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when listing the contents of a ZIP archive. This can be exploited to cause a stack-based buffer overflow when a malicious ZIP archive containing a file with an overly long filename is opened. Versions 0.9.2 and 0.9.3-beta1 are affected.

tags | advisory, overflow
advisories | CVE-2006-2161
SHA-256 | 67471673445159616ecc2805692c08221a6e6eceb4b399e199f2b6db8e227996
secunia-TZip.txt
Posted May 9, 2006
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in TZipBuilder version 1.79.03.01, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when listing the contents of a ZIP archive that contains a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a specially crafted ZIP archive is opened. Successful exploitation allows execution of arbitrary code with the privileges of an application that uses the library.

tags | advisory, overflow, arbitrary
advisories | CVE-2006-2161
SHA-256 | d82a5e72087c2ff64ade5023af3e50aef3b2192651f8f09e5fb8213dcdd4bc82
Page 1 of 3
Back123Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close