exploit the possibilities
Showing 1 - 25 of 32 RSS Feed

Files from Leon Juranic

First Active2004-09-15
Last Active2018-01-24
SugarCRM Community Edition 6.5.26 SQL Injection
Posted Jan 24, 2018
Authored by Leon Juranic, DefenseCode

SugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 2ab4e697942a1f1e39de181287dee068
IBM Informix 12.10 DB-Access Buffer Overflow
Posted Jul 12, 2017
Authored by Leon Juranic, DefenseCode, Bosko Stankovic

IBM Informix DB-Access utility is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. The vulnerability is triggered by providing an overly long file parameter value inside a LOAD statement, which is used to insert data from an operating-system file into an existing table or view. Version 12.10 is affected.

tags | exploit, overflow, arbitrary
MD5 | a6b494ac98eda0f50077d89e22e9c8cf
IBM DB2 Command Line Processor Buffer Overflow
Posted Jun 26, 2017
Authored by Leon Juranic, DefenseCode

IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 suffer from a command line process buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-1297
MD5 | 5d5fdc9afef069a12acc4631e4723b9a
Google API PHP Client 2.1.3 Cross Site Scripting
Posted May 12, 2017
Authored by Leon Juranic, DefenseCode

google-api-php-client versions 2.1.3 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
MD5 | 01570bb024997801f85e3290dadda5ef
From Zero to ZeroDay Journey: Router Hacking
Posted Apr 6, 2017
Authored by Leon Juranic

Whitepaper called From Zero to ZeroDay Journey: Router Hacking (WRT54GL Linksys Case).

tags | paper
MD5 | db1a8ee4cfe26b0939e229c55041d19f
UPnP Issue Affects Many Routers
Posted Feb 6, 2013
Authored by H D Moore, Leon Juranic, DefenseCode

A few weeks ago, DefenseCode announced the remote pre-auth root access exploit for Cisco Linksys. During further research, they have discovered that other router manufacturers are also vulnerable to the same vulnerability, since the vulnerable Broadcom UPnP stack is used across multiple router vendors. Rapid7 has produced some scary numbers surrounding how many routers are affected on the Internet.

tags | advisory, remote, root
systems | cisco
MD5 | 3b0a8f2514d231023a2e7212b1720304
Broadcom UPnP Remote Preauth Root Code Execution
Posted Jan 31, 2013
Authored by Leon Juranic, DefenseCode, Vedran Kajic

A critical security vulnerability that allows a remote unauthenticated attacker to remotely execute arbitrary code under root privileges has been discovered in Broadcom's UPnP software.

tags | exploit, remote, arbitrary, root
MD5 | 20f62f4fa05f9c94bab90345f785c0cf
Safari 4.0.2 Buffer Overflow
Posted Aug 18, 2009
Authored by Leon Juranic | Site infigo.hr

Safari 4.0.2 suffers from a local buffer overflow vulnerability related to the webkit parsing of floating point numbers.

tags | exploit, denial of service, overflow, local
MD5 | 79d61bdb05775d6a92a61c7dff05b3de
NASA Common Data Format Remote Buffer Overflows
Posted Jul 21, 2009
Authored by Leon Juranic | Site infigo.hr

Memory corruption vulnerabilities have been discovered in NASA's Common Data Format. Versions 3.2.4 and below are affected.

tags | advisory, vulnerability
MD5 | 9a6f3fe0344236a32819b4e5fb47147c
INFIGO-2008-04-08.txt
Posted Apr 16, 2008
Authored by Leon Juranic | Site infigo.hr

INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).

tags | advisory, remote, overflow
MD5 | c38cbe7ca06aa48e9bbb69dd2592ca5c
INFIGO-2008-03-07.txt
Posted Mar 21, 2008
Authored by Leon Juranic | Site infigo.hr

A remote vanilla stack overflow vulnerability exists in the Surgemail IMAP server. The vulnerability is caused due to a boundary error in the IMAP server, when processing overly long arguments of the 'LSUB' command. The vulnerability results in a simple stack overflow condition that can be trivially exploited.

tags | exploit, remote, overflow, imap
MD5 | 24f9e88e859b27d13e51d860ae9e0d0a
INFIGO-2008-02-13.txt
Posted Feb 15, 2008
Authored by Leon Juranic | Site infigo.hr

The SOPHOS ES1000 and ES4000 Email Security Appliances suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a071ec4c778df48003c4fa542fbbd2bc
mcafee2.pl.txt
Posted Jan 9, 2008
Authored by Leon Juranic | Site infigo.hr

McAfee E-Business Server versions 8.5.2 and below pre-authentication denial of service exploit.

tags | exploit, denial of service
MD5 | 5ae27730fb4c11c411e1402b43ac9b37
INFIGO-2008-01-06.txt
Posted Jan 9, 2008
Authored by Leon Juranic | Site infigo.hr

INFIGO IS Security Advisory #ADV-2008-01-06 - The McAfee E-Business Server versions 8.5.2 and below suffer from a pre-authentication code execution and denial of service vulnerability.

tags | advisory, denial of service, code execution
MD5 | 75667f5632db67420d78bca6139c7ed5
INFIGO-2007-08.txt
Posted Apr 12, 2007
Authored by Leon Juranic | Site infigo.hr

During an audit of Enterprise Security Analyzer, multiple remote buffer overflows have been discovered in the ESA server (TCP port 10616). There are various stack and heap overflows in multiple ESA requests. The vulnerability has been identified in the latest available Enterprise Security Analyzer v2.5. Previous versions are believed to be vulnerable as well.

tags | advisory, remote, overflow, tcp
MD5 | ffc6bd13c8fa53d2bc030730ecd5d6b2
mdaemon_poc.txt
Posted Aug 27, 2006
Authored by Leon Juranic | Site infigo.hr

Proof of concept remote exploit for the MDaemon POP3 preauth buffer overflow. MDaemon versions 8 and 9 are susceptible to this.

tags | exploit, remote, overflow, proof of concept
MD5 | 868f11c80e0e6ad1b05ea95414b4832d
INFIGO-2006-08-04.txt
Posted Aug 27, 2006
Authored by Leon Juranic | Site infigo.hr

During an audit, a critical vulnerability has been discovered in the MDaemon POP3 server. There is a buffer overflow vulnerability in 'USER' and 'APOP' command processing part of the Altn MDaemon POP3 server. The vulnerability can be triggered with providing a long string to USER or APOP commands with '@' characters included in the string. In this case, MDaemon will incorectly process the string and a heap overflow will happen as a result. To trigger the vulnerability, a few USER commands have to be sent to the POP3 Server. Sometimes (depending on the heap state and string length), it is even possible to redirect code execution directly to the supplied input buffer on the heap. MDaemon versions 8 and 9 are confirmed vulnerable.

tags | advisory, overflow, code execution
MD5 | d2a66b4cd82218e9adf2ff9ae6a3ab77
INFIGO-2006-05-03.txt
Posted May 9, 2006
Authored by Leon Juranic | Site infigo.hr

INFIGO IS Security Advisory #ADV-2006-05-03 - New vulnerabilities have been discovered in ArgoSoft FTP server version 1.4.3.6, Golden FTP server version 2.70, FileZilla version 2.2.22, and WarFTP Daemon / Guild FTP server version 0.999.13.

tags | advisory, vulnerability
MD5 | 410141210ee77de8f2c49d2c368dbf44
LSS-2005-07-14.txt
Posted Jul 15, 2005
Authored by Leon Juranic | Site security.lss.hr

Winamp is vulnerable to a buffer overflow vulnerability when processing ID3v2 tags of mp3 files. To exploit this vulnerability, a user has to add malformed mp3 file to the Winamp playlist, and play it. The vulnerability was tested on Winamp versions 5.03a, 5.09 and 5.091.

tags | advisory, overflow
MD5 | be583fbb09d636219d14d569986d9f9c
LSS-2005-06-06.txt
Posted Jun 18, 2005
Authored by Leon Juranic | Site security.lss.hr

LSS Security Advisory #LSS-2005-06-06 - Crob FTP server versions 3.6.1 and below suffer from various remote buffer overflows.

tags | advisory, remote, overflow
MD5 | 42f31e32f2f3f03d7465bb523c3f1433
LSS-2005-06-07.txt
Posted Jun 18, 2005
Authored by Leon Juranic | Site security.lss.hr

LSS Security Advisory #LSS-2005-06-07 - Popper webmail is susceptible to a remote code inclusion bug in childwindow.inc.php that allows for remote command execution.

tags | advisory, remote, php
MD5 | 8615cc52447a780183ccaf5912204957
eth2.c
Posted Mar 17, 2005
Authored by Leon Juranic | Site security.lss.hr

Exploit for the Ethereal IAPP dissector remote buffer overflow vulnerability. All versions that have support for the IAPP dissector are affected up to version 0.10.9.

tags | exploit, remote, overflow
MD5 | 082fa54c1a7d4dae795ed2fa0fdf520a
LSS-2005-03-05.txt
Posted Mar 17, 2005
Authored by Leon Juranic | Site security.lss.hr

LSS Security Advisory #LSS-2005-03-05 - There is a buffer overflow vulnerability in the Ethereal IAPP dissector. All versions that have support for the IAPP dissector are affected up to version 0.10.9.

tags | advisory, overflow
MD5 | 0d38e8bc544e27bc7b4adb5ea4d6f12a
eth0day.c
Posted Mar 15, 2005
Authored by Leon Juranic | Site security.lss.hr

Exploit for the Ethereal 3G-A11 dissector remote buffer overflow vulnerability. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.

tags | exploit, remote, overflow
MD5 | a441e0b038a18e8111f7bdd0a8a8402f
LSS-2005-03-04.txt
Posted Mar 15, 2005
Authored by Leon Juranic | Site security.lss.hr

There is remote buffer overflow vulnerability in the Ethereal dissector for CDMA2000 A11 packets. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.

tags | advisory, remote, overflow
MD5 | 6416b26a49797548216f0846befaf89f
Page 1 of 2
Back12Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    15 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close