exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files from Manuel Santamarina Suarez

Email addressfistfuxxer at gmx.de
First Active2006-01-08
Last Active2010-04-17
iDEFENSE Security Advisory 2010-04-15.1
Posted Apr 17, 2010
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 04.15.10 - Remote exploitation of a stack-based buffer overflow vulnerability within AgentX++, as distributed with multiple vendors' products, allows attackers to execute arbitrary code with the privileges of the AgentX master process. This vulnerability exists within the AgentX::receive_agentx function. By sending multiple blocks of data to the vulnerable function, an attacker could overwrite the data following the stack buffer, including the saved return address.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-1318
MD5 | 6da7ada8b945d4bc82b9b0ff286ef69a
iDEFENSE Security Advisory 2009-06-25.1
Posted Jun 26, 2009
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 06.25.09 - Remote exploitation of a stack based buffer overflow vulnerability in Unisys's Business Information Server could allow an attacker to execute arbitrary code with the privileges of the affected service. If attackers send a packet to the Unisys Business Information Server over a TCP port, the attacker can corrupt stack memory and gain arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Business Information Server version 10. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2009-1628
MD5 | 281383e532465373da8e40325d9f5ed8
Zero Day Initiative Advisory 08-071
Posted Oct 31, 2008
Authored by Tipping Point, Manuel Santamarina Suarez | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Express for Microsoft SQL. Authentication is not required to exploit this vulnerability. The specific flaw resides in the Data Protection for SQL CAD service, dsmcat.exe, which listens by default on a TCP port above 1024. The process trusts a user-supplied size value, receiving the specified amount of data into a static heap buffer. By sending a specially crafted packet, an attacker can overflow that buffer leading to arbitrary code execution in the context of the SYSTEM user.

tags | advisory, overflow, arbitrary, tcp, code execution
MD5 | aae91fdbcd4042c03d43b7718a801a2e
sametime-exploit.txt
Posted May 22, 2008
Authored by Manuel Santamarina Suarez

IBM Lotus Sametime StMUX stack overflow exploit that binds a shell to port 4444.

tags | exploit, overflow, shell
MD5 | e1101cf6283a0e595c837a3d2488d910
Zero Day Initiative Advisory 08-028
Posted May 22, 2008
Authored by Tipping Point, Manuel Santamarina Suarez | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Sametime. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of long URLs in the Community Services Multiplexer (StMux.exe) listening on TCP port 1533. A specially crafted URL can be passed into a vulnerable sscanf() function that will result in a stack overflow resulting in the ability to execute arbitrary code.

tags | advisory, remote, overflow, arbitrary, tcp
MD5 | 404cd26da5a98fbf55a71c9a209da6f4
iDEFENSE Security Advisory 2007-10-31.2
Posted Oct 31, 2007
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 10.31.07 - Remote exploitation of a directory traversal vulnerability in Symantec's Altiris Deployment Solution products could allow attackers to gain read access to arbitrary files hosted on the Altiris server. iDefense confirmed the existence of this vulnerability in Altiris Deployment Solution for Windows version 6.8. The specific vulnerable executable is pxemtftp.exe version 6.8.8297.48.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2007-3874
MD5 | 69c30592d1e81af223bc206a0d0fbd5f
CVE-2007-3510.pl.txt
Posted Oct 29, 2007
Authored by Manuel Santamarina Suarez

IBM Lotus Domino IMAP4 server LSUB command exploit. Binds a shell to tcp/4444.

tags | exploit, shell, tcp
advisories | CVE-2007-3510
MD5 | 12b53ef68ec56d33b813e403f6e5a6c9
iDEFENSE Security Advisory 2007-10-23.2
Posted Oct 25, 2007
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 10.23.07 - Remote exploitation of a buffer overflow vulnerability within IBM Corp.'s Lotus Domino allows attackers to execute arbitrary code in the context of the IMAP service. iDefense has confirmed the existence of this vulnerability within version 7.0.2.2 of Lotus Domino running on Linux as well as Windows Server 2003. Previous versions, as well as builds for other platforms, are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary, imap
systems | linux, windows
advisories | CVE-2007-3510
MD5 | 2d681b98adb81361108206364d31c320
iDEFENSE Security Advisory 2007-07-18.2
Posted Jul 19, 2007
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 07.18.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Ipswitch Inc.'s IMail Server 2006 could allow attackers to execute arbitrary code. IMail includes an IMAP daemon that users can use to access their email. The "Search" IMAP command contains an exploitable stack-based buffer overflow vulnerability. Additionally, the "Search charset" contains an exploitable heap-based buffer overflow vulnerability. iDefense has confirmed the existence of these vulnerabilities in IMail Server 2006. The vulnerable executable used was version 6.8.8.1 of imapd32.exe.

tags | advisory, remote, overflow, arbitrary, vulnerability, imap
MD5 | 1e0ce85fd16d67c016ab72edc74b38c8
iDEFENSE Security Advisory 2007-07-17.1
Posted Jul 18, 2007
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 07.17.07 - Remote exploitation of a denial of service vulnerability within version 5.1.0.2 of IBM Corp.'s Tivoli Provisioning Manager for OS Deployment allows attackers to deny service to all product functionality. This vulnerability specifically exists in the TFTP protocol implementation. When processing a read request (RRQ), an integer division by zero error can be triggered by supplying an invalid "blksize" argument. This exception is not handled and will result in the rembo.exe service terminating. iDefense has confirmed the existence of this vulnerability in version 5.1.0.2 of IBM Corp.'s Tivoli Provisioning Manager for OS Deployment. Version 5.1.0.116 was tested and found not to be vulnerable.

tags | advisory, remote, denial of service, protocol
advisories | CVE-2007-3268
MD5 | 187130b0ce36ace72f8f29c8f4ff40e6
Zero Day Initiative Advisory 07-026
Posted May 10, 2007
Authored by Tipping Point, Manuel Santamarina Suarez | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file.

tags | advisory, remote, arbitrary
advisories | CVE-2007-0215
MD5 | cbfb13003f84a5ef4c8519777a101fc6
iDEFENSE Security Advisory 2007-02-02.t
Posted Feb 6, 2007
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory - Remote exploitation of a design error in Blue Coat Systems Inc.'s WinProxy allows attackers to trigger a heap corruption vulnerability. The vulnerability can be triggered by sending an overly long HTTP CONNECT request to WinProxy's HTTP proxy service. iDefense has confirmed this vulnerability in WinProxy 6.1a and 6.0 r1c. All previous versions are suspected vulnerable.

tags | advisory, remote, web
MD5 | 952bc9a9e5539510beb9c556c2a4e22b
XHNB-Novell-eDirectory_remote_bof.c
Posted Nov 7, 2006
Authored by Expanders, Manuel Santamarina Suarez

Novell eDirectory versions 9.0 and below DHost remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | 1ed95b6be03b156bf4d22e7d5f95b29e
novelleDir88.pl.txt
Posted Nov 7, 2006
Authored by Manuel Santamarina Suarez

Novell eDirectory 8.8 NDS server remote stack overflow exploit.

tags | exploit, remote, overflow
MD5 | 5daed4de215b093baea043c39238ece5
hlink_exploit_pl.txt
Posted Jun 29, 2006
Authored by Manuel Santamarina Suarez

Microsoft Office Excel 2003 Hlink Stack/SEH Overflow Exploit

tags | exploit, overflow
MD5 | f502b63302740ccf2a2bc59fc7fcc88d
iDEFENSE Security Advisory 2006-01-05.2
Posted Jan 8, 2006
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 01.05.06 - Remote exploitation of a buffer overflow vulnerability in Blue Coat Systems Inc.'s WinProxy allows for the remote execution of arbitrary code by attackers. The vulnerability can be triggered by sending an overly long Host: string to the web proxy service.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2005-4085
MD5 | 777092cbfe22925db03c68275c4b7bf5
iDEFENSE Security Advisory 2006-01-05.1
Posted Jan 8, 2006
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 01.05.06 - Remote exploitation of a design error in Blue Coat Systems Inc.'s WinProxy allows attackers to cause a denial of service (DoS) condition. The vulnerability specifically exists due to improper handling of a long HTTP request that is approximately 32,768 bytes long. When such a request occurs, the process will crash while attempting to read past the end of a memory region.

tags | advisory, remote, web, denial of service
advisories | CVE-2005-3187
MD5 | 7bbb5db0939154c658a9a2161a256079
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    2 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    16 Files
  • 13
    Feb 13th
    19 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    33 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close