what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files from Leon Juranic

First Active2004-09-15
Last Active2018-01-24
SugarCRM Community Edition 6.5.26 SQL Injection
Posted Jan 24, 2018
Authored by Leon Juranic, DefenseCode

SugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | bc4cc7bf63d53a27a1eb576d08fe29628ea8da32f5518c5c866e31065558a8a7
IBM Informix 12.10 DB-Access Buffer Overflow
Posted Jul 12, 2017
Authored by Leon Juranic, DefenseCode, Bosko Stankovic

IBM Informix DB-Access utility is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. The vulnerability is triggered by providing an overly long file parameter value inside a LOAD statement, which is used to insert data from an operating-system file into an existing table or view. Version 12.10 is affected.

tags | exploit, overflow, arbitrary
SHA-256 | 7242df27de9624e0c0b57ed3ef055069c110005a841ad63815fe50406c581c74
IBM DB2 Command Line Processor Buffer Overflow
Posted Jun 26, 2017
Authored by Leon Juranic, DefenseCode

IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 suffer from a command line process buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-1297
SHA-256 | 9fcbc5360bbab3d3d0d5f91e96ba944fd77fa77b62d50735a37991cb02aa1f1f
Google API PHP Client 2.1.3 Cross Site Scripting
Posted May 12, 2017
Authored by Leon Juranic, DefenseCode

google-api-php-client versions 2.1.3 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
SHA-256 | 8eaec32d7fdf5c15debcbc897ef52db1a3048d72036b4d43408cd00a1a64ebbf
From Zero to ZeroDay Journey: Router Hacking
Posted Apr 6, 2017
Authored by Leon Juranic

Whitepaper called From Zero to ZeroDay Journey: Router Hacking (WRT54GL Linksys Case).

tags | paper
SHA-256 | 66c928dae742c5b1f66c19385575361b4ebbbe5aef56979b8945aa3f1562cf31
UPnP Issue Affects Many Routers
Posted Feb 6, 2013
Authored by H D Moore, Leon Juranic, DefenseCode

A few weeks ago, DefenseCode announced the remote pre-auth root access exploit for Cisco Linksys. During further research, they have discovered that other router manufacturers are also vulnerable to the same vulnerability, since the vulnerable Broadcom UPnP stack is used across multiple router vendors. Rapid7 has produced some scary numbers surrounding how many routers are affected on the Internet.

tags | advisory, remote, root
systems | cisco
SHA-256 | 973bb983a4d13f077857f0d5faee4a6aaf7969bdaa84af71296a5aabd7a67568
Broadcom UPnP Remote Preauth Root Code Execution
Posted Jan 31, 2013
Authored by Leon Juranic, DefenseCode, Vedran Kajic

A critical security vulnerability that allows a remote unauthenticated attacker to remotely execute arbitrary code under root privileges has been discovered in Broadcom's UPnP software.

tags | exploit, remote, arbitrary, root
SHA-256 | a9af7d158bb390ad756245dc9d569c020c94e28b5576407cf6cf4b7fe4378cd8
Safari 4.0.2 Buffer Overflow
Posted Aug 18, 2009
Authored by Leon Juranic | Site infigo.hr

Safari 4.0.2 suffers from a local buffer overflow vulnerability related to the webkit parsing of floating point numbers.

tags | exploit, denial of service, overflow, local
SHA-256 | d9f549ccc385b7d7b909f34d0c726cf7b9734986d0f5f78d922e54dec9773f79
NASA Common Data Format Remote Buffer Overflows
Posted Jul 21, 2009
Authored by Leon Juranic | Site infigo.hr

Memory corruption vulnerabilities have been discovered in NASA's Common Data Format. Versions 3.2.4 and below are affected.

tags | advisory, vulnerability
SHA-256 | d3bfdae0226b04f7084476e78657351396b5f9598a25fc61dc3d13c191fa4f96
INFIGO-2008-04-08.txt
Posted Apr 16, 2008
Authored by Leon Juranic | Site infigo.hr

INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).

tags | advisory, remote, overflow
SHA-256 | f15fcb7c39b1de855c85925767b7a551daaddf85fabc42a30d0971f234fc959e
INFIGO-2008-03-07.txt
Posted Mar 21, 2008
Authored by Leon Juranic | Site infigo.hr

A remote vanilla stack overflow vulnerability exists in the Surgemail IMAP server. The vulnerability is caused due to a boundary error in the IMAP server, when processing overly long arguments of the 'LSUB' command. The vulnerability results in a simple stack overflow condition that can be trivially exploited.

tags | exploit, remote, overflow, imap
SHA-256 | 6caf1134a18b78d821475643125ddbaac4ab936cf127a25b6b9b7c01c6c4eaf2
INFIGO-2008-02-13.txt
Posted Feb 15, 2008
Authored by Leon Juranic | Site infigo.hr

The SOPHOS ES1000 and ES4000 Email Security Appliances suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 123b619e25aff04e8e4059347592ab523fc7b2fc5ae0e69d4e85093667da700d
mcafee2.pl.txt
Posted Jan 9, 2008
Authored by Leon Juranic | Site infigo.hr

McAfee E-Business Server versions 8.5.2 and below pre-authentication denial of service exploit.

tags | exploit, denial of service
SHA-256 | 9fdbf08d12eca23e24b5da2766dfaa3afb090a14d10501e4f61f1a490950b23d
INFIGO-2008-01-06.txt
Posted Jan 9, 2008
Authored by Leon Juranic | Site infigo.hr

INFIGO IS Security Advisory #ADV-2008-01-06 - The McAfee E-Business Server versions 8.5.2 and below suffer from a pre-authentication code execution and denial of service vulnerability.

tags | advisory, denial of service, code execution
SHA-256 | 7129afa195fe0c40d1247cd6d401cf701a55ca378c31f5c79339a620eade8866
INFIGO-2007-08.txt
Posted Apr 12, 2007
Authored by Leon Juranic | Site infigo.hr

During an audit of Enterprise Security Analyzer, multiple remote buffer overflows have been discovered in the ESA server (TCP port 10616). There are various stack and heap overflows in multiple ESA requests. The vulnerability has been identified in the latest available Enterprise Security Analyzer v2.5. Previous versions are believed to be vulnerable as well.

tags | advisory, remote, overflow, tcp
SHA-256 | 7cfad04c205329f1f36fe4c6cad33a97921cb4da56226e103ba111b14bd847cd
mdaemon_poc.txt
Posted Aug 27, 2006
Authored by Leon Juranic | Site infigo.hr

Proof of concept remote exploit for the MDaemon POP3 preauth buffer overflow. MDaemon versions 8 and 9 are susceptible to this.

tags | exploit, remote, overflow, proof of concept
SHA-256 | e36d9a6cd5875ac91dfbfc8be90a0ef092197e21924979c6115982c649be0d8b
INFIGO-2006-08-04.txt
Posted Aug 27, 2006
Authored by Leon Juranic | Site infigo.hr

During an audit, a critical vulnerability has been discovered in the MDaemon POP3 server. There is a buffer overflow vulnerability in 'USER' and 'APOP' command processing part of the Altn MDaemon POP3 server. The vulnerability can be triggered with providing a long string to USER or APOP commands with '@' characters included in the string. In this case, MDaemon will incorectly process the string and a heap overflow will happen as a result. To trigger the vulnerability, a few USER commands have to be sent to the POP3 Server. Sometimes (depending on the heap state and string length), it is even possible to redirect code execution directly to the supplied input buffer on the heap. MDaemon versions 8 and 9 are confirmed vulnerable.

tags | advisory, overflow, code execution
SHA-256 | d5c9043c3a5da6e06fbb9448e0ee6aac59f636527f57112ed1d576f7218e753d
INFIGO-2006-05-03.txt
Posted May 9, 2006
Authored by Leon Juranic | Site infigo.hr

INFIGO IS Security Advisory #ADV-2006-05-03 - New vulnerabilities have been discovered in ArgoSoft FTP server version 1.4.3.6, Golden FTP server version 2.70, FileZilla version 2.2.22, and WarFTP Daemon / Guild FTP server version 0.999.13.

tags | advisory, vulnerability
SHA-256 | f7e189f0655ec928de2b27d398b63004754ae6497a019f787feea012621c36f3
LSS-2005-07-14.txt
Posted Jul 15, 2005
Authored by Leon Juranic | Site security.lss.hr

Winamp is vulnerable to a buffer overflow vulnerability when processing ID3v2 tags of mp3 files. To exploit this vulnerability, a user has to add malformed mp3 file to the Winamp playlist, and play it. The vulnerability was tested on Winamp versions 5.03a, 5.09 and 5.091.

tags | advisory, overflow
SHA-256 | 883ada7f9612a1df12849639513fc5cefa2acdd94f5c6810f9f84e4a64a6a23c
LSS-2005-06-06.txt
Posted Jun 18, 2005
Authored by Leon Juranic | Site security.lss.hr

LSS Security Advisory #LSS-2005-06-06 - Crob FTP server versions 3.6.1 and below suffer from various remote buffer overflows.

tags | advisory, remote, overflow
SHA-256 | c87f455adf3a1de29ab1bbd59e257815a8b6261cf9e1c2be3b87a1d648f5b816
LSS-2005-06-07.txt
Posted Jun 18, 2005
Authored by Leon Juranic | Site security.lss.hr

LSS Security Advisory #LSS-2005-06-07 - Popper webmail is susceptible to a remote code inclusion bug in childwindow.inc.php that allows for remote command execution.

tags | advisory, remote, php
SHA-256 | df5832afc053b6a437f0df4c9905733d31fb35594d529c89550ba0a5fb3cc1c2
eth2.c
Posted Mar 17, 2005
Authored by Leon Juranic | Site security.lss.hr

Exploit for the Ethereal IAPP dissector remote buffer overflow vulnerability. All versions that have support for the IAPP dissector are affected up to version 0.10.9.

tags | exploit, remote, overflow
SHA-256 | 526f33ba2f77710943103bc1d05b2c8a140887ea702b11aa53b942fa083849f1
LSS-2005-03-05.txt
Posted Mar 17, 2005
Authored by Leon Juranic | Site security.lss.hr

LSS Security Advisory #LSS-2005-03-05 - There is a buffer overflow vulnerability in the Ethereal IAPP dissector. All versions that have support for the IAPP dissector are affected up to version 0.10.9.

tags | advisory, overflow
SHA-256 | 63b1cc3f3155d1879b4735aff3a5831a2bec847f7be9ce147c4a43a685e19f09
eth0day.c
Posted Mar 15, 2005
Authored by Leon Juranic | Site security.lss.hr

Exploit for the Ethereal 3G-A11 dissector remote buffer overflow vulnerability. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.

tags | exploit, remote, overflow
SHA-256 | 5630433d3aa4230867dbe25c72e8a8b0ce98dc61d46e9b0142eb5e80726e7c18
LSS-2005-03-04.txt
Posted Mar 15, 2005
Authored by Leon Juranic | Site security.lss.hr

There is remote buffer overflow vulnerability in the Ethereal dissector for CDMA2000 A11 packets. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.

tags | advisory, remote, overflow
SHA-256 | d279201e64f7d7ea4798aa76b9407af0207f59dbc661865a44c9f8a85e63ef5c
Page 1 of 2
Back12Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close