what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Inge Henriksen

Email addressinge_eivind.henriksen at chello.no
First Active2005-08-24
Last Active2007-01-13
iDEFENSE Security Advisory 2007-01-09.7
Posted Jan 13, 2007
Authored by iDefense Labs, Inge Henriksen | Site idefense.com

iDefense Security Advisory - Remote exploitation of an input validation vulnerability in Adobe Systems Inc.'s Macromedia ColdFusion MX 7 may allow an attacker to view file contents on the server. The vulnerability specifically exists in that URL encoded filenames will be decoded by the IIS process and then again by the ColdFusion process. By supplying a URL containing a double encoded null byte and an extension handled by ColdFusion, such as '.cfm', it is possible to view the contents of any file which is not interpreted by ColdFusion. iDefense has confirmed this vulnerability exists in Adobe Macromedia ColdFusion MX 7.0.2, with all available fixes, running on Microsoft IIS vulnerable.

tags | advisory, remote
advisories | CVE-2006-5858
SHA-256 | 4eb93328aca8b7d23af5ba4e80ae002d8aabb5f92bb543f0ae7df03430243dd3
fileup-disclose.txt
Posted Jan 2, 2007
Authored by Inge Henriksen | Site ingehenriksen.blogspot.com

SoftArtisans FileUp suffers from a remote script source disclosure vulnerability in viewsrc.asp.

tags | advisory, remote, asp, info disclosure
SHA-256 | 0cc4611acdce314eebb0933d165df6857cc8434466796361c14d62251baba9f9
MSIEDoS.txt
Posted Jan 21, 2006
Authored by Inge Henriksen | Site ingehenriksen.blogspot.com

Microsoft(R) Internet Explorer 5 and 6 suffer from a remote denial of service flaw using IMG and XML elements. Proof of concept code included.

tags | exploit, remote, denial of service, proof of concept
SHA-256 | 3dca4c4cb9b808ced948bbb4b399c728f0dc2c96e5fc2e9c346f368f6960df83
iisCrash.txt
Posted Dec 27, 2005
Authored by Inge Henriksen | Site ingehenriksen.blogspot.com

It appears that malformed HTTP requests to IIS versions 5.0, 5.1, and 6.0 allow for a remote crash of the service.

tags | advisory, remote, web
SHA-256 | 6d185deb53682ef93b3fa88fdec275761c1a6503427ac16a9c6c4de27066e357
fileZillaDoS.txt
Posted Nov 8, 2005
Authored by Inge Henriksen

FileZilla Server Terminal version 0.9.4d appears to suffer from a buffer overflow vulnerability when being passed 900-3000 characters to the USER directive.

tags | advisory, overflow
SHA-256 | 334bebb9956a106eb2cd459c8d4304a22a36821a0e716ac35a08441077fc83c3
SpoofIISServerName_public.txt
Posted Aug 24, 2005
Authored by Inge Henriksen

It is possible to remotely spoof the Microsoft Internet Information Server 5.0, 5.1 and 6.0 SERVER_NAME variable by doing a modified HTTP request. This allows for the revealing of sensitive ASP code through the IIS 500-100.asp error page.

tags | advisory, web, spoof, asp
SHA-256 | 9265062b769c12c9797d72a61a3d47995803db86c2d1079cb92eaf33f0bc6113
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close