what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Ryan Smith

First Active2006-05-22
Last Active2011-12-10
Browser Security Comparison: A Quantitative Approach
Posted Dec 10, 2011
Authored by Ryan Smith, Chris Valasek, Paul Mehta, Charlie Miller, Shawn Moyer, Joshua Drake | Site accuvant.com

Whitepaper called Browser Security Comparison: A Quantitative Approach. The Accuvant LABS research team completed an extensive security evaluation of the three most widely used browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer – to determine which browser best secures against attackers. The team used a completely different and more extensive methodology than previous, similar studies. They compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.

tags | paper
SHA-256 | e054bd896f56e8be803b55bc04ad540e6247fb7a0bbcf3094c27a9a421226a18
iDEFENSE Security Advisory 2009-08-11.2
Posted Aug 23, 2009
Authored by iDefense Labs, Ryan Smith | Site idefense.com

iDefense Security Advisory 08.11.09 - Remote exploitation of a type confusion vulnerability in Microsoft Corp.'s ATL/MFC ActiveX code as included in various vendors' ActiveX controls, could allow an attacker to execute arbitrary code within Internet Explorer (IE). iDefense has confirmed the existence of this vulnerability inside Microsoft' ATL and MFC. This vulnerability appears to be limited to MFC version 3.0. Any source code compiled with these libraries may also be vulnerable.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2009-2494
SHA-256 | edf512cb6aeb0c9390b72abd37b17a7b330c0d5d4e8ffa3daeb55ff3ca91c23d
iDEFENSE Security Advisory 2009-07-28.3
Posted Aug 23, 2009
Authored by iDefense Labs, Ryan Smith | Site idefense.com

iDefense Security Advisory 07.28.09 - Remote exploitation of an information disclosure vulnerability in Microsoft's ATL/MFC ActiveX template, as included in various vendor's ActiveX controls, allows attackers to read memory contents within Internet Explorer. iDefense has confirmed the existence of this vulnerability inside Microsoft's ATL version 9.0. Any source code compiled with these libraries may also be vulnerable. Previous versions may also be affected.

tags | advisory, remote, activex, info disclosure
advisories | CVE-2009-2495
SHA-256 | c267c222d9c34b1a2d7d1db54912e2fbbb444fafe882d61044c1ce0bd64bd46f
iDEFENSE Security Advisory 2009-07-28.2
Posted Aug 23, 2009
Authored by iDefense Labs, Ryan Smith | Site idefense.com

iDefense Security Advisory 07.28.09 - Remote exploitation of a logic flaw vulnerability in Microsoft Corp.'s ATL/MFC ActiveX code, as included in various vendors' ActiveX controls, could allow attackers to bypass ActiveX security mechanisms. iDefense has confirmed the existence of this vulnerability inside Microsoft's ATL and MFC. Although later versions of the ATL/MFC are less vulnerable, certain conditions can trigger the same exploit pattern.

tags | advisory, remote, activex
advisories | CVE-2009-2493
SHA-256 | d87248b69d8604013d1f30ba472eab8230eac08a11208461df8766f80fcdfc2e
iDEFENSE Security Advisory 2009-06-09.3
Posted Jun 11, 2009
Authored by iDefense Labs, Ryan Smith, Jun Mao | Site idefense.com

iDefense Security Advisory 06.09.09 - Remote exploitation of an integer overflow vulnerability in multiple versions of Adobe Systems Inc's Reader and Acrobat PDF reader and processor could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a FlateDecode filter inside a PDF file. FlateDecode is a filter for data compressed with zlib deflate compression method. Several parameters can be specified for the FlateDecode filter. Those values are used in an arithmetic operation that calculates the number of bytes to allocate for a heap buffer. This calculation can overflow, which results in an undersized heap buffer being allocated. This buffer is then overflowed with data decompressed from the FlateDecode stream. This leads to a heap-based buffer overflow that can result in arbitrary code execution. Acrobat Reader and Acrobat Professional versions 7.1.0, 8.1.3, 9.0.0 and prior versions are vulnerable.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2009-1856
SHA-256 | 48b4c5eb3ef997087bc4e824ebc4d6c72a992fb1b8e45a08db98b531d00f3505
2006_novell_httpstk.pdf
Posted Oct 21, 2006
Authored by Ryan Smith, Michael Ligh

Novell eDirectory/iMonitor Remote Code Execution Security Advisory: Novell's HTTP Protocol Stack (httpstk) is a component of iMonitor which provides a web-based interface for management of eDirectory, an LDAP service forming the basis for many of the world s largest identity-management deployments. The code fails to check the length of client-supplied HTTP Host request-header (e.g. Host: www.host.com) values before using them to build a formatted URL into an inadequate, statically-sized buffer on the stack. This condition occurs in a call to snprintf() while the server is preparing an HTTP redirect response and can be triggered remotely, before any authentication takes place. This can allow attacker supplied code to be executed on vulnerable systems.

tags | advisory, remote, web, code execution, protocol
SHA-256 | 83f493818d78f80ff8f029bc85f643e0e2806d60376926715e9dc35b65088b58
04072006_alwil.pdf
Posted Sep 8, 2006
Authored by Ryan Smith | Site hustlelabs.com

Hustle Labs Security Advisory - The alwil avast! Anti-virus Engine versions less than 4.7.869 for desktops and versions less than 4.7.660 for servers suffer from vulnerabilities that allows for local and remote code execution. Full details provided.

tags | advisory, remote, local, vulnerability, code execution, virus
SHA-256 | 16e662cec2bb15035d4ca8470c82242b3be4981401d5abffe91a81653f40d323
04072006_tweed.pdf
Posted Jul 26, 2006
Authored by Ryan Smith | Site hustlelabs.com

Tumbleweed's Email Firewall has three separate vulnerabilities within its LHA processing routines inside of its EMF Decomposer.

tags | advisory, vulnerability
SHA-256 | cf7a9b4501c04e92a6ed5abde20ee84edf7fef2e8eac2339fddcd0c475b3757b
04072006_rarlabs.pdf
Posted Jul 24, 2006
Authored by Ryan Smith | Site hustlelabs.com

WinRAR versions less than 3.60 beta 7 and greater than 3.0 suffer from multiple buffer overflows due to a lack of constraints while copying data.

tags | advisory, overflow
SHA-256 | f8b7381f74499f50992c3a3cf3c3f915a313f8b38f1c339d779fb109ce1a2ea2
novell_ndps_advisory.pdf
Posted May 22, 2006
Authored by Alex Wheeler, Ryan Smith | Site hustlelabs.com

Hustle Labs Advisory - There is an integer overflow present that affects Novell Windows clients and Novell Netware server and Novell Open Enterprise server. All versions of Novell Netware and Novell Netware Client for Windows are affected. All Netware based versions of Novell Open Enterprise Server are affected. Detailed analysis provided.

tags | advisory, overflow
systems | windows
SHA-256 | 435daa5ce9ab016eefbb6be70ac9be842be30a1b33f6b52faa8e122246865e00
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close