Files from Sebastian Apelt

Email address: webmaster at buzzworld.org
First Active: 2005-11-20
Last Active: 2011-08-19

EMC AutoStart Buffer Overflow
Posted Aug 19, 2011
Authored by Sebastian Apelt | Site emc.com

EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2011-2735
MD5 | 88a691d0c23824d63911880d6b7b4549
iDEFENSE Security Advisory 2008-12-02.4
Posted Dec 5, 2008
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDefense Security Advisory 12.02.08 - Remote exploitation of an integer overflow vulnerability in Sun Microsystems Inc.'s Java JRE could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists within the font parsing code in the JRE. As part of its font API, the JRE provides the ability to load a font from a remote URL. Various types of fonts are supported, one of which is the TrueType format font. The vulnerability occurs when parsing various structures in TrueType font files. During parsing, values are taken from the file, and without being properly validated, used in operations that calculate the number of bytes to allocate for heap buffers. The calculations can overflow, resulting in a potentially exploitable heap overflow. iDefense has confirmed the existence of this vulnerability in Sun Microsystems Inc.'s Java JRE version 1.6.0_05 for Windows. Previous versions may also be affected.

tags | advisory, java, remote, overflow, arbitrary
systems | windows
MD5 | 07caf4b63ab7d3f6b30fb8fe9d83c3c3
iDEFENSE Security Advisory 2008-10-29.1
Posted Oct 31, 2008
Authored by iDefense Labs, Sebastian Apelt, Code Audit Labs | Site idefense.com

iDefense Security Advisory 10.29.08 - Remote exploitation of multiple integer overflow vulnerabilities in OpenOffice versions 2.4.1 and earlier could allow an attacker to execute arbitrary code with the privileges of the current user. Integer overflow issues exist within the code responsible for parsing multiple EMR records within an EMF file. This allows an attacker to overflow heap memory with data they supplied. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.4.1.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2008-2238
MD5 | d171510742688331e37fb3cc9eb6cf1a
Zero Day Initiative Advisory 08-041
Posted Jul 10, 2008
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, bound by default to TCP port 524. Flawed arithmetic applied to a user-supplied value results in an integer overflow and subsequently a complete stack smash allowing an attacker to execute arbitrary code via SEH redirection.

tags | advisory, remote, overflow, arbitrary, tcp
MD5 | 9cfa34b6bf73c1a556194e079dd0e523
Zero Day Initiative Advisory 08-039
Posted Jun 11, 2008
Authored by Peter Vreugdenhil, Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various versions of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the substringData() method when called on a DOM object that has been manipulated in a special way. The attack results in an exploitable heap buffer allowing for code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2008-1442
MD5 | 9aedb0de93f37d59642ba58f762c6f66
CAID-scmgw.txt
Posted Jun 5, 2008
Authored by Sebastian Apelt, Cody Pierce | Site www3.ca.com

CA Secure Content Manager contains multiple vulnerabilities in the HTTP Gateway service that can allow a remote attacker to cause a denial of service condition or execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
MD5 | 8ec4ecb144db690c89a16b3fe908a140
Zero Day Initiative Advisory 08-036
Posted Jun 5, 2008
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. When issuing a request for an FTP service, the process tries to decorate the contents of the transaction. In this particular case, by specifying an overly long response to a LIST command, a stack buffer can be overflowed. Successful exploitation can lead to complete system compromise under the SYSTEM context.

tags | advisory, web, overflow, arbitrary
advisories | CVE-2008-2541
MD5 | c136c175d2c76b7db8227fb2cf20d11e
iDEFENSE Security Advisory 2008-02-12.5
Posted Feb 13, 2008
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDefense Security Advisory 02.12.08 - Remote exploitation of multiple integer overflow vulnerabilities in Adobe Systems Inc.'s Flash Media Server 2 could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities in Flash Media Server 2 version 2.0.4 on Windows. Previous versions, as well as the Linux version, may also be affected.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, windows
advisories | CVE-2007-6149
MD5 | c01b3d0bd61486b81a51c53670a21e62
Zero Day Initiative Advisory 08-01
Posted Jan 14, 2008
Authored by Tipping Point, Sebastian Apelt, Tenable Network Security | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Express. Authentication is not required to exploit this vulnerability. The specific flaw resides in the TSM Express Backup Server service, dsmsvc.exe, which listens by default on TCP port 1500. The process trusts a user-supplied length value. By supplying a large number, an attacker can overflow a static heap buffer leading to arbitrary code execution in the context of the SYSTEM user. Tivoli Storage Manager Express version 5.3 is affected.

tags | advisory, overflow, arbitrary, tcp, code execution
advisories | CVE-2008-0247
MD5 | 7a0c52554fa38a18476a3e556c03e3d5
Zero Day Initiative Advisory 07-054
Posted Sep 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Express. Authentication is not required to exploit this vulnerability. The specific flaw exists in the dsmcad.exe process bound by default on TCP port 1581. During HTTP header parsing, a host parameter of sufficient length will trigger an overflow through a call to vswprintf(). The call overflows into imported function pointers which are later called. Exploitation of this issue can result in arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, tcp, code execution
advisories | CVE-2007-4880
MD5 | d94fdf8ee105d5fcc99dc5ec05fd3ad4
Zero Day Initiative Advisory 07-051
Posted Sep 9, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Server Protect. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine TMregChange() exported by TMReg.dll which is reachable through the custom protocol subcode "\x15\x00\x00\x00". The TCP socket bound to port 5005 receives user-supplied data which is copied without proper bounds checking to a stack-based buffer, thereby resulting in an exploitable condition.

tags | advisory, remote, arbitrary, tcp, protocol
advisories | CVE-2007-4731
MD5 | 069c90a5da80f13229feadaf50d40ec4
iDEFENSE Security Advisory 2007-07-24.2
Posted Jul 25, 2007
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDefense Security Advisory 07.24.07 - Remote exploitation of a design error vulnerability in Computer Associates International Inc.'s (CA) eTrust Intrusion Detection allows attackers to execute arbitrary code. iDefense has confirmed that CA eTrust Intrusion Detection version 3.0.5 on Windows is vulnerable. The file version of caller.dll tested was 3.0.5.55.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2007-3302
MD5 | 9d2f71feb74c13277bfb86cb0ac81e17
Zero Day Initiative Advisory 07-043
Posted Jul 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs.

tags | advisory, overflow, arbitrary, tcp, imap
advisories | CVE-2007-2795
MD5 | 4d9363e8bfef764f9a43302e007ecf63
Zero Day Initiative Advisory 07-042
Posted Jul 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition.

tags | advisory, arbitrary
advisories | CVE-2007-2795
MD5 | e595d01aebe1824018e5170a0c039dc9
Zero Day Initiative Advisory 06-06
Posted Apr 1, 2006
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

ZDI-06-006: A buffer overflow exists in the Symantec VERITAS NetBackup Database Manager. Version 6.0 is affected.

tags | advisory, overflow
MD5 | f38b6ec7ed39de2fa80303766c99d7d4
Zero Day Initiative Advisory 06-05
Posted Apr 1, 2006
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

ZDI-06-005: A buffer overflow exists in the Symantec VERITAS Volume Manager. Version 6.0 is affected.

tags | advisory, overflow
MD5 | 82677173acd7a9b47769aa41a5d4f878
iDEFENSE Security Advisory 2006-02-10.t
Posted Feb 13, 2006
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDEFENSE Security Advisory 02.10.06 - Remote exploitation of a denial of service vulnerability in IBM Corp.'s Lotus Domino LDAP server allows attackers to crash the service, thereby preventing legitimate access. iDEFENSE is currently unaware of exploits for this vulnerability other than those maintained by iDEFENSE Labs. iDEFENSE has confirmed the existence of this vulnerability in Lotus Domino Server version 6.5.4. It is suspected that earlier versions of Lotus Domino Server are also affected.

tags | advisory, remote, denial of service
advisories | CVE-2005-2712
MD5 | bc8355da78cbb6e50ad03eeec11df593
iDEFENSE Security Advisory 2005-12-06.2
Posted Dec 9, 2005
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDEFENSE Security Advisory 12.06.05 - Remote exploitation of a denial of service (DoS) vulnerability in Ipswitch Inc.'s IMail IMAP server allows attackers to crash the target service, thereby preventing legitimate use. The problem specifically exists in handling long arguments to the LIST command. When a LIST command of approximately 8000 bytes is supplied, internal string parsing routines can be manipulated in such a way as to reference non-allocated sections of memory. This parsing error results in an unhandled access violation, forcing the daemon to exit. iDEFENSE has confirmed the existence of this vulnerability in Ipswitch IMail 8.2.

tags | advisory, remote, denial of service, imap
advisories | CVE-2005-2923
MD5 | 3cb9433c78219e0fd4175a7e8f068c5e
Zero Day Initiative Advisory 05-03
Posted Nov 20, 2005
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

ZDI-05-003: Novell Netmail IMAPD suffers from buffer overflows. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netmail. Authentication is required to exploit this vulnerability. Affected Products: Novell Netmail 3.5.2.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-3314
MD5 | 620070894ccdf846fe35589155791a55