all things security
Showing 1 - 25 of 48 RSS Feed

Files from Glafkos Charalambous

Email addressglafkos at astalavista.com
First Active2007-06-07
Last Active2015-09-08
Cisco Sourcefire User Agent 2.2 Insecure File Permissions
Posted Sep 8, 2015
Authored by Glafkos Charalambous

Cisco Sourcefire User Agent version 2.2 suffers from an insecure file permissions vulnerability.

tags | advisory
systems | cisco
MD5 | 8a5cf983dfc4d06c438392daa8abe4bd
Intel Network Adapter Diagnostic Driver IOCTL DoS
Posted Mar 17, 2015
Authored by Glafkos Charalambous

A vulnerability in iqvw32.sys and iqvw64e.sys drivers has been discovered in the Intel Network Adapter Driver. The vulnerability exists due to insufficient input buffer validation when the driver processes IOCTL codes 0x80862013, 0x8086200B, 0x8086200F, 0x80862007 using METHOD_NEITHER and due to insecure permissions allowing everyone read and write access to privileged use only functionality. Attackers can exploit this issue to cause a Denial of Service or possibly execute arbitrary code in kernel space.

tags | exploit, denial of service, arbitrary, kernel
advisories | CVE-2015-2291
MD5 | 63ed8a86b8a3dfefbbaaa1c89ef15f46
Cisco Ironport AsyncOS Cross Site Scripting
Posted Feb 25, 2015
Authored by Glafkos Charalambous

Cisco Ironport AsyncOS suffers from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
advisories | CVE-2013-6780
MD5 | 4c0bad7bf4b2320ee31c8e1ed00b6ee5
Cisco Ironport AsyncOS HTTP Header Injection
Posted Feb 25, 2015
Authored by Glafkos Charalambous

Cisco Ironport AsyncOS suffers from an HTTP header injection vulnerability.

tags | exploit, web
systems | cisco
advisories | CVE-2015-0624
MD5 | efc1e99a99ec5130712e73f124c95960
Cisco Ironport Appliance Privilege Escalation
Posted Jan 24, 2015
Authored by Glafkos Charalambous

Cisco Ironport appliances are vulnerable to authenticated "admin" privilege escalation. By enabling the Service Account from the GUI or CLI allows an admin to gain root access on the appliance, therefore bypassing all existing "admin" account limitations. The vulnerability is due to weak algorithm implementation in the password generation process which is used by Cisco to remotely access the appliance to provide technical support.

tags | exploit, root
systems | cisco
MD5 | 398e0811c9f513e72041331057978659
iBackup 10.0.0.32 Local Privilege Escalation
Posted Oct 22, 2014
Authored by Glafkos Charalambous

There are weak permissions for IBackupWindows default installation where everyone is allowed to change the ib_service.exe with an executable of their choice. When the service restarts or the system reboots the attacker payload will execute on the system with SYSTEM privileges. Versions 10.0.0.32 and below are affected.

tags | advisory
advisories | CVE-2014-5507
MD5 | 95db311d953e25c11dac53e10a4772f8
DotNetNuke DNNspot Store (UploadifyHandler.ashx) 3.0.0 File Upload
Posted Oct 22, 2014
Authored by Glafkos Charalambous | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in DotNetNuke DNNspot Store module versions below 3.0.0.

tags | exploit, arbitrary, file upload
MD5 | 144b914b86429e17580a3d580f6cc753
Cisco Ironport WSA telnetd Remote Code Execution
Posted Oct 22, 2014
Authored by Glafkos Charalambous

The Cisco Ironport WSA virtual appliances are vulnerable to an old FreeBSD telnetd encryption Key ID buffer overflow which allows remote attackers to execute arbitrary code. Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default.

tags | advisory, remote, overflow, arbitrary
systems | cisco, freebsd
advisories | CVE-2011-4862
MD5 | cc7b947d050036a9a4f1ee8bcfb35533
Alienvault OSSIM SIEM 4.1 SQL Injection
Posted Jun 21, 2013
Authored by Glafkos Charalambous

Alienvault OSSIM open source SIEM version 4.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | dcc34f61d45bce3a4b5520350b749f13
Thomson Wireless VoIP Cable Modem Authentication Bypass
Posted Sep 20, 2012
Authored by Glafkos Charalambous, George Nicolaou

This exploit leverages authentication bypass vulnerabilities in the Thomson wireless VoIP cable modem. It affects the TWG850-4 model.

tags | exploit, vulnerability, bypass
MD5 | f9e5802065dba5e524aacc6f3ab12c10
AthCon 2011 Capture The Flag Reversing Solution
Posted Jun 21, 2011
Authored by Glafkos Charalambous, George Nicolaou

This is the Athcon 2011 Capture The Flag solution paper.

tags | paper, conference
MD5 | 365ac5d3ac49cd466c22d763cf4b1877
OpenDrive 1.3.141 Local Password Disclosure
Posted Jun 6, 2011
Authored by Glafkos Charalambous, George Nicolaou

OpenDrive versions 1.3.141 and below local password disclosure exploit.

tags | exploit, local
MD5 | c075f2438bce7edc2b5cdebb15bd2b83
Xitami Web Server 2.5 Buffer Overflow
Posted Jun 4, 2011
Authored by Glafkos Charalambous

Xitami Web Server version 2.5b4 remote buffer overflow exploit with egghunter shellcode.

tags | exploit, remote, web, overflow, shellcode
MD5 | 83a4ae1155177c9355cab1032917c7fb
Adobe Premier Pro CS4 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Adobe Premier Pro CS4 DLL hijacking exploit that leverages ibfs32.dll.

tags | exploit
MD5 | 0fa2a394ea5b55e751b2ff0e64749f17
Adobe On Location CS4 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Adobe On Location CS4 DLL hijacking exploit that leverages ibfs32.dll.

tags | exploit
MD5 | 50df7f324c9631a89642f6a79fd19f11
Adobe InDesign CS4 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Adobe InDesign CS4 DLL hijacking exploit that leverages ibfs32.dll.

tags | exploit
MD5 | 5447e8ef5077f1911414358324a0ac67
Adobe Illustrator CS4 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Adobe Illustrator CS4 DLL hijacking exploit that leverages aires.dll.

tags | exploit
MD5 | dc0504fea6af189b950538e604be4739
Skype 4.2.0.169 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Skype versions 4.2.0.169 and below DLL hijacking exploit that leverages wab32.dll.

tags | exploit
MD5 | 02256250781ec437d556a79155264cd5
Adobe Device Central CS5 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Adobe Device Central CS5 DLL hijacking exploit that leverages qtcf.dll.

tags | exploit
MD5 | 65c8444e57651570516d753817021baf
Opera 10.61 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Opera versions 10.61 and below DLL hijacking exploit.

tags | exploit
MD5 | b1e637d77f7111069ca815ed5f9e700d
Adobe Dreamweaver CS4 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Adobe Dreamweaver CS4 DLL hijacking exploit that leverages ibfs32.dll.

tags | exploit
MD5 | 788ad8e3791e065dc4d719518203d056
TeamViewer 5.0.8703 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

TeamViewer versions 5.0.8703 and below DLL hijacking exploit that leverages dwmapi.dll.

tags | exploit
MD5 | 51369ef60815fda1c43e550b4c361e02
Firefox 3.6.8 DLL Hijacking Exploit
Posted Aug 26, 2010
Authored by Glafkos Charalambous

Firefox versions 3.6.8 and below DLL hijacking exploit.

tags | exploit
MD5 | 2d42aa1ebdb9e6c9910c4421ad3242b6
Windows XP SP3 English MessageBoxA Shellcode
Posted Aug 20, 2010
Authored by Glafkos Charalambous

87 bytes small Windows XP SP3 English MessageBoxA shellcode.

tags | shellcode
systems | windows, xp
MD5 | e1a26e66bc8c2c3bff4b28cfeb538614
Triologic Media Player 8 Universal Unicode Buffer Overflow
Posted Aug 17, 2010
Authored by Glafkos Charalambous

Triologic Media Player 8 local universal unicode buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
MD5 | 7c2a695250fc2bfa965a4bab259fd8a1
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close