what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

Files from Damian Put

Email addresspucik at overflow.pl
First Active2004-12-31
Last Active2008-12-05
Zero Day Initiative Advisory 08-080
Posted Dec 5, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page. The specific flaw occurs within the Java AWT library. If a custom image model is used for the source 'Raster' during a conversion through a 'ConvolveOp' operation, the imaging library will calculate the size of the destination raster for the conversion incorrectly leading to a heap-based overflow. This can result in arbitrary code execution under the context of the current user.

tags | advisory, java, remote, web, overflow, arbitrary, code execution
MD5 | 6200c629b04c2740d64b04f0879bbc55
Zero Day Initiative Advisory 08-079
Posted Dec 5, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing a malformed XML tag, the application does not allocate enough space for it's contents. During copying of this to the newly allocated buffer, the application will overwrite heap structures with attacker-supplied data that can then be leveraged to achieve code execution with the privileges of the application.

tags | advisory, remote, arbitrary, code execution
MD5 | 5c33ef45a713fb9fab72ba7ab351a538
Zero Day Initiative Advisory 08-078
Posted Dec 5, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to potentially execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XML processing code for Trillian. When parsing specially formulated xml, the application will corrupt an internal data structure. Whilst deallocating this data structure, the application can be tricked into freeing a single allocated chunk multiple times, which can potentially lead to code execution.

tags | advisory, remote, arbitrary, code execution
MD5 | db76e862a86f3f426b66c3c40df3c559
Zero Day Initiative Advisory 08-077
Posted Dec 5, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tooltip processing code for Trillian. When creating a tooltip for an image, the application generates an XML tag including a property containing the filename. This data is then copied directly into a stack-based buffer without any length verifications which can eventually lead to code execution with the privileges of the client.

tags | advisory, remote, arbitrary, code execution
MD5 | 5ce4757c7bf333bd990e08eb00f1b836
iDEFENSE Security Advisory 2008-08-12.2
Posted Aug 13, 2008
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 08.12.08 - Remote exploitation of a buffer overflow vulnerability in Microsoft Corp.'s Office filter for WordPerfect Graphics Files, could allow an attacker to execute arbitrary code with the privileges of the victim. This vulnerability specifically lies within the "WPGIMP32.FLT" module. A heap overflow can occur when processing a malformed Wordperfect Graphics (WPG) file. By corrupting heap memory, it is possible to execute arbitrary code. iDefense has confirmed this vulnerability in the following versions of Microsoft Office; Office XP SP3, Office 2003 SP2, Office 97. Other versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-3460
MD5 | 73fc127e380cf480fb78edda5252dd91
Zero Day Initiative Advisory 08-027
Posted May 20, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates ARCserve Backup. Authentication is not required exploit this vulnerability. The specific flaw exists within the caloggerd log daemon during the processing of log messages that contain directory traversal modifiers. A lack of sanity checking on the provided path allows attackers to append arbitrary data to a file of their choosing and can easily result in a full system compromise.

tags | advisory, remote, arbitrary
advisories | CVE-2008-2241
MD5 | f899af6260049b65f2a53fb1994143bd
Zero Day Initiative Advisory 08-026
Posted May 20, 2008
Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of CA BrightStor ARCserve Backup for Linux. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper bounds checking in the xdr_rwsstring() library function. By sending a long parameter into a daemon using this function to process strings, a stack based buffer overflow occurs, leading to execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux
advisories | CVE-2008-2242
MD5 | 7c46da1a5c684af64366f73a09e2c1a4
iDEFENSE Security Advisory 2008-04-14.2
Posted Apr 16, 2008
Authored by iDefense Labs, Damian Put, Thomas Pollet | Site idefense.com

iDefense Security Advisory 04.14.08 - Remote exploitation of a heap overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the code responsible for reading in sections within a PE binary packed with the WWPack executable compressor. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92.1. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
MD5 | 1c921dba4cf8fb44e3d81f7dfc3c50eb
iDEFENSE Security Advisory 2008-04-14.1
Posted Apr 16, 2008
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 04.14.08 - Remote exploitation of a heap overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. The vulnerability exists within the code responsible for decompressing sections within a PE binary packed with the PeSpin executable protector. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92.1. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-0314
MD5 | 0cff3792678a8d41bb86d0a0066243e0
iDEFENSE Security Advisory 2008-02-12.2
Posted Feb 13, 2008
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 02.12.08 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Works Converter, as included with Microsoft Office, could potentially allow an attacker to execute arbitrary code as the current user. This vulnerability stems from improper input validation of OLE structures within wkcvqd01.dll when converting a Microsoft Works document (WPS extension) to Rich Text Format (RTF). When certain fields are modified, such as the length or count values, heap corruption can occur. This leads to a potentially exploitable condition. iDefense has confirmed that wkcvqd01.dll version 7.03.0616.0, as included with Microsoft Office 2003, is vulnerable to this issue. Older versions are assumed to be vulnerable as well. Additionally, Microsoft Works itself is suspected to be vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2007-0216
MD5 | 08d9b1088229a0b470104e19a8c1a6ba
iDEFENSE Security Advisory 2007-02-16.1
Posted Feb 24, 2007
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 02.16.07 - TrendMicro's ServerProtect product uses a web interface which runs on port TCP 14942 to configure the product. This interface is protected with a user configurable password. Upon successful login, a cookie is set with the name 'splx_2376_info' and a valid session id as its value. The ServerProtect web application suffers from a design error vulnerability in its authorization checking routines. Attackers can gain full access to the web application by requesting any internal page while supplying their own 'splx_2376_info' cookie with an arbitrary value. iDefense has confirmed this vulnerability in Trend ServerProtect v1.3 for Linux. This vulnerability is not present in the Windows based versions of Server protect.

tags | advisory, web, arbitrary, tcp
systems | linux, windows
MD5 | f95f0a15b78c940c6b57b3b8b6290278
iDEFENSE Security Advisory 2006-12-08.3
Posted Dec 11, 2006
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 12.08.06 - Sophos AntiVirus Engine is vulnerable to a Heap Overflow attack when scanning malformed CHM archives. Specifically, if the CHM file has a Window_size of 0 set in a LZX decompression header then memory corruption will occur. Sophos Antivirus for Linux product version 4.03 and engine version 4.05 are affected.

tags | advisory, overflow
systems | linux
advisories | CVE-2006-5646
MD5 | 69c008e6faa57caf714a10cd1017f259
iDEFENSE Security Advisory 2006-12-08.2
Posted Dec 11, 2006
Authored by iDefense Labs, Damian Put | Site idefense.com

iDefense Security Advisory 12.08.06 - Sophos AntiVirus Engine is vulnerable to a Memory Corruption vulnerability when scanning malformed CHM archives. This memory corruption vulnerability can be triggered when Sophos Antivirus engine scans a malformed CHM file which has a large name length specified in a CHM chunk header. Affected includes Sophos Small business edition (Linux) product version 4.06.1 and engine version 2.34.3.

tags | advisory
systems | linux
advisories | CVE-2006-5647
MD5 | 1b7f4f23ff6d7e3952f59e7327585d13
iDEFENSE Security Advisory 2006-12-08.1
Posted Dec 11, 2006
Authored by iDefense Labs, Damian Put, Titon | Site idefense.com

iDefense Security Advisory 12.08.06 - Remote exploitation of a denial of service vulnerability in Multiple Vendors' Antivirus engines allows an attacker to cause the engines to consume excessive resources. The affected vendors' scan engines are vulnerable to a DoS attack when scanning specially malformed RAR archives. Specifically, the malformed archives will have the head_size and pack_size fields set to zero in Archive Header section. When such a file is encountered, the affected scan engines will enter an infinite loop. Confirmed systems affected: Sophos Small business edition (Windows/Linux) 4.06.1 with engine version 2.34.3. Trend Micro PC Cillin - Internet Security 2006. Trend Micro Office Scan 7.3. Trend Micro Server Protect 5.58.

tags | advisory, remote, denial of service
systems | linux, windows
advisories | CVE-2006-5645
MD5 | 5c0000a6d35f7f12401a74a547016533
imsgiheap.txt
Posted Aug 27, 2006
Authored by Damian Put | Site overflow.pl

ImageMagick versions 6.2.8 and below suffer from a heap overflow in ReadSGIImage().

tags | advisory, overflow
MD5 | 4543fb0874a95e128b1f8644b01981a3
clamav_upx_heap.txt
Posted Aug 27, 2006
Authored by Damian Put | Site overflow.pl

Remote exploitation of a heap overflow vulnerability in ClamAV versions below 0.88.4 could allow execution of arbitrary code or cause a denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary
MD5 | 39cdda45a4ece3067080a595993d5936
Overflow.pl-5.txt
Posted Apr 14, 2006
Authored by Damian Put | Site overflow.pl

Overflow.pl Security Advisory #5 - Clam AntiVirus Win32-UPX Heap Overflow: Remote exploitation of an integer overflow vulnerability could allow execution of arbitrary code or cause denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | windows
MD5 | 0a10805c763ec4646ac7f1c2f9dadbc5
BlenLoader.txt
Posted Dec 28, 2005
Authored by Damian Put | Site overflow.pl

Overflow.pl Security Advisory #4 - Blender BlenLoader Integer Overflow - Remote exploitation of an integer overflow vulnerability could allow execution of arbitrary code or cause denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary
MD5 | 34f636e444049151bc082ac9d7d5f5cb
shoutcast194.c
Posted Dec 31, 2004
Authored by Damian Put, Tomasz Trojanowski | Site cc-team.org

SHOUTcast DNAS/Linux version 1.9.4 format string remote exploit. Tested on slackware 9.1 and 10.0. Bind a shell to port 7000.

tags | exploit, remote, shell
systems | linux, slackware
MD5 | 10a9677625a70dc41e3a961b0e06168d
Page 1 of 1
Back1Next

File Archive:

March 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    2 Files
  • 2
    Mar 2nd
    18 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    12 Files
  • 5
    Mar 5th
    19 Files
  • 6
    Mar 6th
    8 Files
  • 7
    Mar 7th
    1 Files
  • 8
    Mar 8th
    1 Files
  • 9
    Mar 9th
    11 Files
  • 10
    Mar 10th
    15 Files
  • 11
    Mar 11th
    9 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    13 Files
  • 14
    Mar 14th
    10 Files
  • 15
    Mar 15th
    13 Files
  • 16
    Mar 16th
    27 Files
  • 17
    Mar 17th
    15 Files
  • 18
    Mar 18th
    23 Files
  • 19
    Mar 19th
    25 Files
  • 20
    Mar 20th
    10 Files
  • 21
    Mar 21st
    6 Files
  • 22
    Mar 22nd
    1 Files
  • 23
    Mar 23rd
    22 Files
  • 24
    Mar 24th
    15 Files
  • 25
    Mar 25th
    22 Files
  • 26
    Mar 26th
    20 Files
  • 27
    Mar 27th
    15 Files
  • 28
    Mar 28th
    10 Files
  • 29
    Mar 29th
    1 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close