Exploit the possiblities
Showing 1 - 14 of 14 RSS Feed

Files from Dominic Chell

Email addressdmc at deadbeef.co.uk
First Active2007-07-21
Last Active2017-05-11
Microsoft IIS WebDav ScStoragePathFromUrl Overflow
Posted May 11, 2017
Authored by Dominic Chell, FireFart, Zhiniang Peng, Chen Wu, zcgonvh, Rich Whitcroft | Site metasploit.com

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. Original exploit by Zhiniang Peng and Chen Wu.

tags | exploit, remote, web, overflow, arbitrary
systems | windows
advisories | CVE-2017-7269
MD5 | 95f8dd847406e195cfd9f81ff602c626
iOS Application (In)Security
Posted May 6, 2012
Authored by Dominic Chell | Site mdsec.co.uk

This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.

tags | paper, vulnerability
systems | cisco, apple, iphone
MD5 | 8527c3e88bfed9bdffcf0bcf1dbd7036
LibAVCodec AMV Out Of Array Write
Posted Aug 1, 2011
Authored by Dominic Chell | Site ngssecure.com

Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.

tags | advisory, arbitrary, code execution
advisories | CVE-2011-1931
MD5 | 9ffa2a987f98d517612a95b753c563a0
Apple Mac OS X ImageIO TIFF Integer Overflow
Posted Jul 5, 2011
Authored by Dominic Chell | Site ngssoftware.com

A heap overflow is caused by a signedness vulnerability within copyImageBlockSetTiff(). The crash occurs within any application using the framework, including Preview, QuickLook, Safari and Mail.

tags | advisory, overflow
MD5 | ebacce41108e8b62e23fc00b6957ffc9
Apple Mac OS X ImageIO TIFF Heap Overflow
Posted Jul 5, 2011
Authored by Dominic Chell | Site ngssoftware.com

Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS X ImageIO. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | apple, osx
advisories | CVE-2011-0204
MD5 | 3d46aea459b5efd1a280dde2c0201cc3
LibAVCodec AMV Out Of Array Write
Posted Apr 27, 2011
Authored by Dominic Chell | Site ngssoftware.com

Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.

tags | advisory, arbitrary, code execution
MD5 | e3c400ccbbb054874d638f5b654cc785
Apple Mac OS X ImageIO Integer Overflow
Posted Mar 22, 2011
Authored by Dominic Chell | Site ngssecure.com

Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS X ImageIO. An integer overflow issue exists in ImageIO's handling of JPEG-encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution. Versions affected include Mac OS X 10.6 through 10.6.6, Mac OS X Server 10.6 through 10.6.6.

tags | advisory, overflow, arbitrary, code execution
systems | apple, osx
MD5 | 90d5ec0724d8e732f03bb5fcff46a1ee
ImageIO PSD Memory Corruption
Posted Nov 22, 2010
Authored by Dominic Chell | Site ngssecure.com

Dominic Chell of NGS Secure has discovered a high risk memory corruption vulnerability affecting the ImageIO rendering framework. Viewing a maliciously crafted PSD image may lead to an unexpected application termination or arbitrary code execution. This issue can be remotely (client-side) exploited through any application using the framework including Mail, Safari and QuickLook.

tags | advisory, arbitrary, code execution
advisories | CVE-2010-1845
MD5 | a930162dea46584d8cde0f0d16dd7061
Sun Java Web Server Exploit
Posted Jul 9, 2010
Authored by Dominic Chell

Sun Java Web Server version 7.0 update 7 remote stack overflow exploit that is capable of bypassing DEP. In order to do this it uses ROP to invoke SetProcessDEPPolicy(). This is the second version of this exploit.

tags | exploit, java, remote, web, overflow
advisories | CVE-2010-0361
MD5 | b4bc12d05fef465f901186598f1165c3
Sun Java System Web Server Stack Overflow
Posted Jul 3, 2010
Authored by Dominic Chell

Sun Java Web Server version 7.0 update 7 remote stack overflow exploit.

tags | exploit, java, remote, web, overflow
advisories | CVE-2010-0361
MD5 | e89f7a89d0fbf46da6b8e234f3d4e54c
Mozilla Firefox 2.0.0.16 Buffer Overflow
Posted Sep 15, 2009
Authored by Dominic Chell

Mozilla Firefox version 2.0.0.16 Windows XP SP3 UTF-8 URL buffer overflow exploit that has adduser shellcode.

tags | exploit, overflow, shellcode
systems | windows, xp
MD5 | e9e51b094746ef393b54a280e1c3608f
MP3 Studio 1.0 Buffer Overflow
Posted Sep 15, 2009
Authored by Dominic Chell

MP3 Studio version 1.0 local buffer overflow exploit that creates a malicious .m3u file that produces a bind shell on port 4444.

tags | exploit, overflow, shell, local
MD5 | 3000d4db2f78229a6c83e781d2940d32
IPSwitch IMAP Server 9.20 Overflow
Posted Sep 15, 2009
Authored by Dominic Chell

IPSwitch IMAP Server version 9.20 and below remote buffer overflow exploit.

tags | exploit, remote, overflow, imap
advisories | CVE-2007-2795
MD5 | c7e891b608ac3724628c34616fce8b5a
lotus-overflow.txt
Posted Jul 21, 2007
Authored by prdelka, Dominic Chell

Lotus Domino IMAP4 server version 6.5.4 / Windows 2000 Advanced Server x86 remote buffer overflow exploit.

tags | exploit, remote, overflow, x86
systems | windows, 2k
MD5 | c034bc24a2ccbd22b9171961180e067a
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    1 Files
  • 22
    Jan 22nd
    15 Files
  • 23
    Jan 23rd
    12 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close