exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files from Mario Ballano

Email addressmballano at gmail.com
First Active2006-05-21
Last Active2007-12-24
2007-MessageQueue.zip
Posted Dec 24, 2007
Authored by Andres Tarasco, Mario Ballano | Site 514.es

Microsoft Windows 2000 AS SP4 Message Queue exploit that takes advantage of the vulnerability noted in MS07-065.

tags | exploit
systems | windows
advisories | CVE-2007-3039
SHA-256 | c98477bc57103e54dfdc98421ad052473c5dfb8a29b81a40cde4e96a8bd1735a
qt_pdat_heapbof.pdf
Posted Nov 13, 2007
Authored by Mario Ballano | Site 48Bits.com

QuickTime is prone to a heap overflow vulnerability when parsing malformed Panorama Sample Atoms, which are used in QuickTime Virtual Reality Movies.

tags | advisory, overflow
SHA-256 | 6388b6b6934a3fac4ccb15945bfd995fcbc86b13c79aec4131607d5111213539
Zero Day Initiative Advisory 07-065
Posted Nov 6, 2007
Authored by Tipping Point, Ruben Santamarta, Mario Ballano | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the parsing of the CTAB atom. While reading the CTAB RGB values, an invalid color table size can cause QuickTime to write past the end of the heap chunk. This memory corruption can lead to the execution of arbitrary code. QuickTime version 7.2 is affected.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2007-4677
SHA-256 | f41eb0c98c59bc787e7c6f5beb244f618216d6a53083be1858854cbcb546744a
iDEFENSE Security Advisory 2007-11-05.1
Posted Nov 6, 2007
Authored by iDefense Labs, Mario Ballano | Site idefense.com

iDefense Security Advisory 11.05.07 - Remote exploitation of a heap overflow vulnerability in Apple Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. iDefense Labs confirmed this vulnerability exists in QuickTime VR extension 7.2.0.240 as included in QuickTime Player 7.2. Previous versions are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | apple
advisories | CVE-2007-4675
SHA-256 | cc6ea2e8a8e2dbe86dd2fe554b99613956ff2f4d2973039ec6630f452c891c7c
npfxpl.c
Posted Jul 11, 2007
Authored by Mario Ballano | Site 48Bits.com

WinPcap NPF.SYS privilege escalation vulnerability proof of concept exploit. Affects WinPcap versions 3.1 and 4.1.

tags | exploit, proof of concept
SHA-256 | 99f929d9159b19f4569b30b6c58030d578886ebf65c0304419174a55a04648c0
iDEFENSE Security Advisory 2007-07-09.1
Posted Jul 10, 2007
Authored by iDefense Labs, Mario Ballano | Site idefense.com

iDefense Security Advisory 07.09.07 - Local exploitation of an input validation vulnerability within the NPF.SYS device driver of WinPcap allows attackers to execute arbitrary code in kernel context. The vulnerability specifically exists due to insufficient input validation when handling the Interrupt Request Packet (Irp) parameters passed to IOCTL 9031 (BIOCGSTATS). By passing carefully chosen parameters to this IOCTL, an attacker can overwrite arbitrary kernel memory. iDefense has confirmed the existence of this vulnerability in version 4.0 of WinPcap as included in Wireshark 0.99.5. The version of NPF.SYS tested was 4.0.0.755. Older versions are suspected to be vulnerable.

tags | advisory, arbitrary, kernel, local
SHA-256 | 46e2bfe73ac2f8cddb383c6eb203c2af59b776d93221bddaf74a00d1d638a46c
Microsoft_Dns_Server_Exploit.zip
Posted Apr 17, 2007
Authored by Andres Tarasco, Mario Ballano | Site 514.es

Microsoft DNS Server remote code execution exploit and analysis. This exploit works against TCP port 445. Tested against Windows 2000 server SP4 and Windows 2003 SP2. Binds a shell to TCP port 4444.

tags | exploit, remote, shell, tcp, code execution
systems | windows
advisories | CVE-2007-1748
SHA-256 | da933bee902a9d0ad317df3b6dae1ddd4b4844a53889479f6ff633eed2376da5
ntdlldll.txt
Posted May 21, 2006
Authored by Mario Ballano | Site 48Bits.com

Microsoft Windows NTDLL.DLL is prone to an incorrect path conversion vulnerability. This flaw could be successful exploited by malicious users in order to bypass protection mechanisms implemented by certain antivirus and antispyware products.

tags | advisory
systems | windows
SHA-256 | 32b4fc18480ffd4736b0b9a081bcb44188f975ffcfc4700bcb0597e3cae461a5
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close