what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files from Damian Put

Email addresspucik at overflow.pl
First Active2004-12-31
Last Active2008-12-05
Zero Day Initiative Advisory 08-080
Posted Dec 5, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page. The specific flaw occurs within the Java AWT library. If a custom image model is used for the source 'Raster' during a conversion through a 'ConvolveOp' operation, the imaging library will calculate the size of the destination raster for the conversion incorrectly leading to a heap-based overflow. This can result in arbitrary code execution under the context of the current user.

tags | advisory, java, remote, web, overflow, arbitrary, code execution
SHA-256 | 69fedebd39ae5325af19cf3b911107a594218eaf78e8854814af705e0eb836e1
Zero Day Initiative Advisory 08-079
Posted Dec 5, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing a malformed XML tag, the application does not allocate enough space for it's contents. During copying of this to the newly allocated buffer, the application will overwrite heap structures with attacker-supplied data that can then be leveraged to achieve code execution with the privileges of the application.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 64031b7963a8183849481e9b4f497d24a2a4b9e9c4d0c42051491727813240a3
Zero Day Initiative Advisory 08-078
Posted Dec 5, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to potentially execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing specially formulated xml, the application will corrupt an internal data structure. Whilst deallocating this data structure, the application can be tricked into freeing a single allocated chunk multiple times, which can potentially lead to code execution.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 0a3bb0651dccdaccf0dce67e0c5fad1b2a93d2ec1c4babc22f0814d43b035077
Zero Day Initiative Advisory 08-077
Posted Dec 5, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tooltip processing code for Trillian. When creating a tooltip for an image, the application generates an XML tag including a property containing the filename. This data is then copied directly into a stack-based buffer without any length verifications which can eventually lead to code execution with the privileges of the client.

tags | advisory, remote, arbitrary, code execution
SHA-256 | ccf4a13dfd890cabd4e17cd20131ee7971a15f2f9efbd2d2ff84366a9eea1e91
iDEFENSE Security Advisory 2008-08-12.2
Posted Aug 13, 2008
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 08.12.08 - Remote exploitation of a buffer overflow vulnerability in Microsoft Corp.'s Office filter for WordPerfect Graphics Files, could allow an attacker to execute arbitrary code with the privileges of the victim. This vulnerability specifically lies within the "WPGIMP32.FLT" module. A heap overflow can occur when processing a malformed Wordperfect Graphics (WPG) file. By corrupting heap memory, it is possible to execute arbitrary code. iDefense has confirmed this vulnerability in the following versions of Microsoft Office; Office XP SP3, Office 2003 SP2, Office 97. Other versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-3460
SHA-256 | 741b9a8dfe66a386492a78748e537e58ca472a1b8d510f626a6e5ff078151ef0
Zero Day Initiative Advisory 08-027
Posted May 20, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates ARCserve Backup. Authentication is not required exploit this vulnerability. The specific flaw exists within the caloggerd log daemon during the processing of log messages that contain directory traversal modifiers. A lack of sanity checking on the provided path allows attackers to append arbitrary data to a file of their choosing and can easily result in a full system compromise.

tags | advisory, remote, arbitrary
advisories | CVE-2008-2241
SHA-256 | 87cfdcbb6613e14cedaf10c5b3083bd9012df90c3f6873619469e64a0001b4c8
Zero Day Initiative Advisory 08-026
Posted May 20, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of CA BrightStor ARCserve Backup for Linux. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper bounds checking in the xdr_rwsstring() library function. By sending a long parameter into a daemon using this function to process strings, a stack based buffer overflow occurs, leading to execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux
advisories | CVE-2008-2242
SHA-256 | 5beac44d9fa93dd531a5772fb664510c95b8fb10a85ab02246b9e9235be2a914
iDEFENSE Security Advisory 2008-04-14.2
Posted Apr 16, 2008
Authored by iDefense Labs, Damian Put, Thomas Pollet | Site idefense.com

iDefense Security Advisory 04.14.08 - Remote exploitation of a heap overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the code responsible for reading in sections within a PE binary packed with the WWPack executable compressor. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92.1. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 4d031b3623c5acf6d2df2a012826f123b600e16b2467a042482a60b36cd59aab
iDEFENSE Security Advisory 2008-04-14.1
Posted Apr 16, 2008
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 04.14.08 - Remote exploitation of a heap overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the code responsible for decompressing sections within a PE binary packed with the PeSpin executable protector. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92.1. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-0314
SHA-256 | 12c041db8179f0af23b92ec5c1b92fa5e93528888fedbef1b5e18790d04781fa
iDEFENSE Security Advisory 2008-02-12.2
Posted Feb 13, 2008
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 02.12.08 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Works Converter, as included with Microsoft Office, could potentially allow an attacker to execute arbitrary code as the current user. This vulnerability stems from improper input validation of OLE structures within wkcvqd01.dll when converting a Microsoft Works document (WPS extension) to Rich Text Format (RTF). When certain fields are modified, such as the length or count values, heap corruption can occur. This leads to a potentially exploitable condition. iDefense has confirmed that wkcvqd01.dll version 7.03.0616.0, as included with Microsoft Office 2003, is vulnerable to this issue. Older versions are assumed to be vulnerable as well. Additionally, Microsoft Works itself is suspected to be vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2007-0216
SHA-256 | 32ffb0aa2cf242fe619293167d1c2c969fe87d8c43749f7ae32ff4984f67495a
iDEFENSE Security Advisory 2007-02-16.1
Posted Feb 24, 2007
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 02.16.07 - TrendMicro's ServerProtect product uses a web interface which runs on port TCP 14942 to configure the product. This interface is protected with a user configurable password. Upon successful login, a cookie is set with the name 'splx_2376_info' and a valid session id as its value. The ServerProtect web application suffers from a design error vulnerability in its authorization checking routines. Attackers can gain full access to the web application by requesting any internal page while supplying their own 'splx_2376_info' cookie with an arbitrary value. iDefense has confirmed this vulnerability in Trend ServerProtect v1.3 for Linux. This vulnerability is not present in the Windows based versions of Server protect.

tags | advisory, web, arbitrary, tcp
systems | linux, windows
SHA-256 | 7526f737f4d486bbd52cceb0d0f0278593c220859fda585bc67acd98645d1085
iDEFENSE Security Advisory 2006-12-08.3
Posted Dec 11, 2006
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 12.08.06 - Sophos AntiVirus Engine is vulnerable to a Heap Overflow attack when scanning malformed CHM archives. Specifically, if the CHM file has a Window_size of 0 set in a LZX decompression header then memory corruption will occur. Sophos Antivirus for Linux product version 4.03 and engine version 4.05 are affected.

tags | advisory, overflow
systems | linux
advisories | CVE-2006-5646
SHA-256 | 182af370ccde593d5804cd8d52fb3416866ed89454cd4bd2364de8c278d29f3a
iDEFENSE Security Advisory 2006-12-08.2
Posted Dec 11, 2006
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 12.08.06 - Sophos AntiVirus Engine is vulnerable to a Memory Corruption vulnerability when scanning malformed CHM archives. This memory corruption vulnerability can be triggered when Sophos Antivirus engine scans a malformed CHM file which has a large name length specified in a CHM chunk header. Affected includes Sophos Small business edition (Linux) product version 4.06.1 and engine version 2.34.3.

tags | advisory
systems | linux
advisories | CVE-2006-5647
SHA-256 | ee9c0956599b2f599795e3855ac7854534cef49c18fe996453def6c145846b4b
iDEFENSE Security Advisory 2006-12-08.1
Posted Dec 11, 2006
Authored by iDefense Labs, Damian Put, Titon | Site idefense.com

iDefense Security Advisory 12.08.06 - Remote exploitation of a denial of service vulnerability in Multiple Vendors' Antivirus engines allows an attacker to cause the engines to consume excessive resources. The affected vendors' scan engines are vulnerable to a DoS attack when scanning specially malformed RAR archives. Specifically, the malformed archives will have the head_size and pack_size fields set to zero in Archive Header section. When such a file is encountered, the affected scan engines will enter an infinite loop. Confirmed systems affected: Sophos Small business edition (Windows/Linux) 4.06.1 with engine version 2.34.3. Trend Micro PC Cillin - Internet Security 2006. Trend Micro Office Scan 7.3. Trend Micro Server Protect 5.58.

tags | advisory, remote, denial of service
systems | linux, windows
advisories | CVE-2006-5645
SHA-256 | 67c4a280c65b80adddfea7555c151689fa0a7b7c4e14641e6726e9b11f3ce9f5
imsgiheap.txt
Posted Aug 27, 2006
Authored by Damian Put | Site overflow.pl

ImageMagick versions 6.2.8 and below suffer from a heap overflow in ReadSGIImage().

tags | advisory, overflow
SHA-256 | 5950a0314acf70e0dd34e433fec8db1056c5f593a0011bb867946fcbe9014527
clamav_upx_heap.txt
Posted Aug 27, 2006
Authored by Damian Put | Site overflow.pl

Remote exploitation of a heap overflow vulnerability in ClamAV versions below 0.88.4 could allow execution of arbitrary code or cause a denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary
SHA-256 | 1cd849986b87713037475de463f4c103a2493f35031e88976bb88641e50d07a1
Overflow.pl-5.txt
Posted Apr 14, 2006
Authored by Damian Put | Site overflow.pl

Overflow.pl Security Advisory #5 - Clam AntiVirus Win32-UPX Heap Overflow: Remote exploitation of an integer overflow vulnerability could allow execution of arbitrary code or cause denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | windows
SHA-256 | a079b9e2c3c8cd3397a0b0dcf893077f32ec7c922641600173613bedb7dccf63
BlenLoader.txt
Posted Dec 28, 2005
Authored by Damian Put | Site overflow.pl

Overflow.pl Security Advisory #4 - Blender BlenLoader Integer Overflow - Remote exploitation of an integer overflow vulnerability could allow execution of arbitrary code or cause denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary
SHA-256 | ecad4ecf01d7a30fd3c0c8494f3547a01b76cffdd091d9ddd8de47fbe8856d76
shoutcast194.c
Posted Dec 31, 2004
Authored by Damian Put, Tomasz Trojanowski | Site cc-team.org

SHOUTcast DNAS/Linux version 1.9.4 format string remote exploit. Tested on slackware 9.1 and 10.0. Bind a shell to port 7000.

tags | exploit, remote, shell
systems | linux, slackware
SHA-256 | d2c5f4ccf6da4f8162e3796a3521048971da31a1653d14c5d1dc589793cbd7bd
Page 1 of 1
Back1Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    9 Files
  • 30
    Nov 30th
    21 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close