exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

Files from Pravus

First Active2007-05-03
Last Active2007-08-14
diskeeper-disclose.txt
Posted Aug 14, 2007
Authored by Pravus

Diskeeper suffers from a remote memory disclosure vulnerability. Exploit included.

tags | exploit, remote, info disclosure
SHA-256 | 70b1ac6a87eb969c45bd180714db1c04207811ba0e89f4133de0a96569224a90
iDEFENSE Security Advisory 2007-06-05.1
Posted Jun 7, 2007
Authored by iDefense Labs, Pravus | Site idefense.com

iDefense Security Advisory 06.05.07 - Remote exploitation of multiple denial of service vulnerabilities in Symantec Corp.'s Ghost could allow remote attackers to crash the Ghost service. These vulnerabilities affect both the client and server daemons due to what looks like a shared communications library. The daemons listen on UDP ports 1346, and 1347 respectively. By sending a malformed UDP-based request to either service, an attacker can cause the service to crash due to an invalid memory reference. This condition can be caused by any of several unique requests. In each case, the particular cause for the access violation varies. iDefense confirmed the existence of these vulnerabilities using Symantec Ghost version 8.0.992 (as supplied with Ghost Solution Suite). Other versions may be vulnerable as well.

tags | advisory, remote, denial of service, udp, vulnerability
SHA-256 | b66143fb85b4ecc4a638b1b0c2312cb75c9821753c09e18d841ae956fee69f82
iDEFENSE Security Advisory 2007-04-26.3
Posted May 3, 2007
Authored by iDefense Labs, Pravus | Site idefense.com

iDefense Security Advisory 04.26.07 - Norton Ghost allows administrators and other power users to schedule snapshots of local disks for backup and recovery purposes. If these recovery points are set to save to a remote network share Ghost will prompt the user to enter a user name and password for the share. Password information entered into Ghost for this purpose is encrypted and saved to the local file system in the applications home directory which has read access allowed for all users. The encryption key used by Ghost to decrypt these stored credentials is derived from the MD5 hash of the plain text user name stored in the configuration file. Since every user on the system has read access to these configuration files, any user can decrypt the stored passwords. iDefense verified the existence of this vulnerability on Norton Ghost 10.0. Other versions may be vulnerable as well.

tags | advisory, remote, local
SHA-256 | 69bed37f1cc9ea0f70dde0f99a8dd66d79f82e97644a049fa71d831606047e64
iDEFENSE Security Advisory 2007-04-26.2
Posted May 3, 2007
Authored by iDefense Labs, Pravus | Site idefense.com

iDefense Security Advisory 04.26.07 - Local exploitation of a buffer overflow vulnerability in Norton Ghost could allow local attackers to run code as the SYSTEM level user. Norton Ghost Service Manager is a Local Server COM object that allows privileged Ghost Backup Operators the ability to take and restore Ghost images of the system. A function within the Service Manager can be used to trigger a buffer overflow by supplying an overly long string. iDefense verified the existence of this vulnerability on Norton Ghost 10.0. Other versions may be vulnerable as well.

tags | advisory, overflow, local
SHA-256 | a49bad2ffb7eaf68d8ecfeaff769404e2e5909da2c9c7b9742fefc10f63d5cec
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close