exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files from Eric DETOISIEN

First Active2006-11-13
Last Active2008-01-18
Zero Day Initiative Advisory 08-02
Posted Jan 18, 2008
Authored by Tipping Point, Eric DETOISIEN | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix Presentation Server. Authentication is not required to exploit this vulnerability. The specific flaw resides in the Independent Management Architecture service, ImaSrv.exe, which listens by default on TCP port 2512 or 2513. The process trusts a user-suppled value as a parameter to a memory allocation. By supplying a specific value, an undersized heap buffer may be allocated. Subsequently, an attacker can then overflow that heap buffer by sending an overly large packet leading to arbitrary code execution in the context of the SYSTEM user.

tags | advisory, overflow, arbitrary, tcp, code execution
SHA-256 | f74d157f42833663912a8b445195d23fdb27067cc6aaf7f59aeada0bda2796a8
Zero Day Initiative Advisory 07-077
Posted Dec 18, 2007
Authored by Tipping Point, Eric DETOISIEN | Site zerodayinitiative.com

Vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit these vulnerabilities. ServerProtect version 5.58 is affected.

tags | advisory, arbitrary, vulnerability
SHA-256 | 6ad2eeb8a167a376f36d22822c5d9585abd6c666dd64e97382620b09b3251985
Zero Day Initiative Advisory 07-059
Posted Nov 1, 2007
Authored by Tipping Point, Eric DETOISIEN | Site zerodayinitiative.com

Several vulnerabilities exist in the popular Verity KeyView SDK used in many enterprise applications like IBM Lotus Notes. When parsing several different file formats a standard stack overflow occurs allowing a malicious user to gain complete control of the affected machine under the rights of the currently logged in user. The problem lies when copying user supplied data to a stack based buffer without any boundary conditions.

tags | advisory, overflow, vulnerability
SHA-256 | 4863ff0d14c0d7c847a96dda4581225ea04b1b5536d6a6fa81b49fe813521e2e
Zero Day Initiative Advisory 07-025
Posted May 8, 2007
Authored by Tipping Point, Eric DETOISIEN | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit this vulnerability. The specific flaw exists in the SpntSvc.exe daemon, bound by default on TCP port 5168 and exposing the following DCE/RPC interface through TmRpcSrv.dll.

tags | advisory, arbitrary, tcp
advisories | CVE-2007-2508
SHA-256 | edeeae669ef34c8fd542888a7411599d8a70dd4b5ac67a4fc6023990c2d7b1f0
Zero Day Initiative Advisory 07-024
Posted May 8, 2007
Authored by Tipping Point, Eric DETOISIEN | Site zerodayinitiative.com

Multiple vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Trend Micro ServerProtect. Authentication is not required to exploit these vulnerabilities. The specific flaw exists in the EarthAgent.exe daemon, bound by default on TCP port 3628 and exposing the following DCE/RPC interface through TmRpcSrv.dll.

tags | advisory, arbitrary, tcp, vulnerability
advisories | CVE-2007-2508
SHA-256 | a78892500902758ec7a684ba6cd4b9f96dd206ee6c0566b624005f095690cb14
iDEFENSE Security Advisory 2007-04-02.1
Posted Apr 3, 2007
Authored by iDefense Labs, ri0t, Eric DETOISIEN, Titon | Site idefense.com

iDefense Security Advisory 04.02.07 - Remote exploitation of a buffer overflow vulnerability in an ActiveX control installed by Hewlett-Packard Mercury Quality Center could allow for the execution of arbitrary code. iDefense has confirmed this vulnerability in the control that is installed with the 9.0 version of Hewlett-Packard Mercury Quality Center. The vulnerable ActiveX control is version 9.1.0.4353.

tags | advisory, remote, overflow, arbitrary, activex
SHA-256 | 5b7a58a511de0448a1f3aa7cfacb09134ed75ed21003432e47ea7cef077143a6
iDEFENSE Security Advisory 2006-12-01.2
Posted Dec 6, 2006
Authored by iDefense Labs, Eric DETOISIEN | Site idefense.com

iDefense Security Advisory 12.01.06 - Remote exploitation of an integer overflow vulnerability in Novell Inc.'s ZENworks Asset Management could potentially allow an attacker to execute arbitrary code with the privileges of the administrator. A heap overflow may occur when processing specially crafted packets sent to the Task Server or Collection Server daemons. This problem specifically exists due to an integer overflow when allocating memory for remotely supplied data. iDefense has confirmed the existence of this vulnerability in version 7.0.0.36 of the CClient.exe and Msg.dll files included with Novell Inc's ZENworks Asset Management 7.0 SP1. Older versions are suspected to be vulnerable as well.

tags | advisory, remote, overflow, arbitrary
SHA-256 | e9a40c3458b59e53ba5d15197a2a5455f8843d85ded949fbb675a67d1cd6d2ba
iDEFENSE Security Advisory 2006-12-01.1
Posted Dec 6, 2006
Authored by iDefense Labs, Eric DETOISIEN | Site idefense.com

iDefense Security Advisory 12.01.06 - Remote exploitation of an integer overflow vulnerability in Novell Inc.'s ZENworks Asset Management could potentially allow an attacker to execute arbitrary code with SYSTEM privileges on Windows or root on the various supported UNIX based operating systems. A heap overflow may occur when processing specially crafted packets sent to the Collection Client daemon. The root cause of this vulnerability is identical to that of the vulnerability in Msg.dll. For more information please consult the Msg.dll advisory. iDefense has confirmed the existence of this vulnerability in version 7.0.0.36 of the CClient.exe and Msg.dll files included with Novell Inc's ZENworks Asset Management 7.0 SP1. Older versions are suspected to be vulnerable as well.

tags | advisory, remote, overflow, arbitrary, root
systems | windows, unix
SHA-256 | 28d4a5efc7015bd15fb43b1b53ad714be2b1de7923464ddd5634921634236645
iDEFENSE Security Advisory 2006-11-08.3
Posted Nov 13, 2006
Authored by iDefense Labs, Eric DETOISIEN | Site idefense.com

iDefense Security Advisory 11.08.06 - Remote exploitation of an input validation error in Citrix Systems Inc.'s Metaframe Presentation Server 4.0 IMA service may allow an attacker to cause a denial of service (DoS) condition. The IMA (Independent Management Architecture) server component Citrix's Presentation Server (previously known as Metaframe) contains an input validation error in the handling of certain packet types. By constructing a specific packet, it is possible to cause the service to reference an unmapped memory address. This causes an unhandled exception, which in turn causes the service to exit, resulting in a DoS condition. This vulnerability has been confirmed to affect Citrix Presentation Server 4.0. Previous versions may also be affected.

tags | advisory, remote, denial of service
SHA-256 | 6cbb80e9d1121039d25d51965a6e8224a96c1c5c2f11e6ae1accdb5784cfc172
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close