what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Gael Delalleau

Email addressgael.delalleau+moz at m4x.org
First Active2004-09-15
Last Active2008-08-13
iDEFENSE Security Advisory 2008-08-04.2
Posted Aug 13, 2008
Authored by iDefense Labs, Gael Delalleau | Site idefense.com

iDefense Security Advisory 08.04.08 - Remote exploitation of multiple format string vulnerabilities in Sun Microsystems Inc.'s snoop could allow an attacker to execute arbitrary code with the privileges of the nobody user. Multiple format string vulnerabilities exist within the code that parses and displays SMB traffic. All of the vulnerabilities are present due to unsanitized user input being passed to printf-style formatting function. This allows an attacker to overwrite arbitrary addresses with arbitrary data, which can result in the execution of arbitrary code. iDefense has confirmed the existence of these vulnerabilities in snoop for Solaris 10 8/07. Other versions may also be affected.

tags | advisory, remote, arbitrary, vulnerability
systems | solaris
advisories | CVE-2008-0965
SHA-256 | 86a629216fb461e13eaaf00def47aaea7455872dfc3360b326c676d8ff366859
iDEFENSE Security Advisory 2008-08-04.1
Posted Aug 13, 2008
Authored by iDefense Labs, Gael Delalleau | Site idefense.com

iDefense Security Advisory 08.04.08 - Remote exploitation of multiple stack-based buffer overflow vulnerabilities in Sun Microsystems Inc.'s snoop could allow an attacker to execute arbitrary code with the privileges of the nobody user. Multiple buffer overflow vulnerabilities exist within the code that parses and displays SMB traffic. In most cases, exploitation is trivial as an attacker has full control of the data copied. iDefense has confirmed the existence of these vulnerabilities in snoop for Solaris 10 8/07. Other versions may also be affected.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | solaris
advisories | CVE-2008-0964
SHA-256 | 44c95b7eafa3c1684d3258e1f4f590cc2c4fe2a3c61f9cf0ababd05d2179e75c
iDEFENSE Security Advisory 2005-03-28.2
Posted Mar 29, 2005
Authored by iDefense Labs, Gael Delalleau | Site idefense.com

iDEFENSE Security Advisory 03.28.05 - Remote exploitation of a buffer overflow vulnerability in multiple telnet clients could allow the execution of arbitrary code. The vulnerability specifically exists in the env_opt_add() function of telnet.c. iDEFENSE has confirmed the existance of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | solaris, bsd
advisories | CVE-2005-0468
SHA-256 | de99e8ea1329dbc1f15a968b8c0756e881aa440162190742655fdb287e67ea1c
iDEFENSE Security Advisory 2005-03-28.1
Posted Mar 29, 2005
Authored by iDefense Labs, Gael Delalleau | Site idefense.com

iDEFENSE Security Advisory 03.28.05 - Remote exploitation of an buffer overflow vulnerability error in multiple telnet clients may allow execution of arbitrary commands. The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer. iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | solaris, bsd
advisories | CVE-2005-0469
SHA-256 | 9a3b7b73eb08fc8817b92e7dac30a75b72f3c015d5bbd074dbfb8f930414a6f2
mozbugs.txt
Posted Sep 17, 2004
Authored by Gael Delalleau

New Firefox, Thunderbird, and Mozilla releases between September 13 and 14 address 7 critical security issues. If you have not already, upgrade today.

tags | advisory
SHA-256 | e9d350da84264e6d5b1ca1b7bc56d5d368693bc81e678bb46bc9cee697f2656e
Secunia Security Advisory 12526
Posted Sep 15, 2004
Authored by Georgi Guninski, Secunia, Wladimir Palant, Gael Delalleau, Mats Palmgren, Jesse Ruderman | Site secunia.com

Secunia Security Advisory - Details have been released about several vulnerabilities in Mozilla, Mozilla Firefox, and Thunderbird. These can potentially be exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user's system. These vulnerabilities reportedly affect versions prior to the following: Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8.

tags | advisory, vulnerability, xss
SHA-256 | 0a6ca10ffc4a3ba1127a2e7aff306ae4251a2daf157abd425b6d345403f1729d
Page 1 of 1
Back1Next

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    32 Files
  • 5
    Dec 5th
    10 Files
  • 6
    Dec 6th
    13 Files
  • 7
    Dec 7th
    23 Files
  • 8
    Dec 8th
    19 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close