what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files from Nahuel Riva

First Active2007-10-11
Last Active2015-07-08
AirLink101 SkyIPCam1620W OS Command Injection
Posted Jul 8, 2015
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - The AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera is vulnerable to an OS command injection vulnerability in the snwrite.cgi binary.

tags | exploit, cgi
advisories | CVE-2015-2280
SHA-256 | 21c2101703c779b440b5b09b966619ab442997dafefe43dda29ce74298fae4b6
AirLive Remote Command Injection
Posted Jul 6, 2015
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - AirLive MD-3025, BU-3026, BU-2015, WL-2000CAM, and POE-200CAM are IP cameras designed for professional surveillance and security applications. The built-in IR LEDs provide high quality nighttime monitoring. These AirLive devices are vulnerable to an OS Command Injection Vulnerability. In the case of the MD-3025, BU-3026 and BU-2015 cameras, the vulnerability lies in the cgi_test.cgi binary file. In the case of the WL-2000CAM and POE-200CAM cameras, the command injection can be performed using the vulnerable wireless_mft.cgi binary file.

tags | exploit, cgi
advisories | CVE-2014-8389, CVE-2015-2279
SHA-256 | 4f5dfe0ba3159b241b97dd31fdce3b6857722610dfebf00e92c39d6677ccf2b6
TP-Link IP Camera Hardcoded Credentials / Command Injection
Posted May 28, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon | Site coresecurity.com

TP-Link IP cameras suffer from hard-coded credential and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability
advisories | CVE-2013-2573, CVE-2013-2572
SHA-256 | d96b583866927f2f59a08545c251d956a2dfef2c6512197cefb588c1ac39997b
Zavio IP Camera Command Injection / Bypass
Posted May 28, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - Zavio IP cameras based on firmware versions 1.6.03 and below suffer from bypass, hard-coded credential, and arbitrary command execution vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2013-2567, CVE-2013-2568, CVE-2013-2569, CVE-2013-2570
SHA-256 | 78c356b2ffcb1e25d51e6592b9d5d73b842cdf1d53ab057c2850cde52d3c84c9
D-Link IP Cameras Injection / Bypass
Posted Apr 29, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon, Pablo Santamaria, Juan Cotta, Martin Rocha | Site coresecurity.com

Core Security Technologies Advisory - D-Link IP Cameras suffer from OS command injection, authentication, information leak, and hard-coded credential vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-1599, CVE-2013-1600, CVE-2013-1601, CVE-2013-1602, CVE-2013-1603
SHA-256 | c89524253ab599d8622f01400e1599d3a2ca11af0117966d4e4a0fe9ff04ad31
Vivotek IP Camera Buffer Overflow / Disclosure / Injection
Posted Apr 29, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon, Alejandro Leon Morales, Juan Cotta, Martin Rocha | Site coresecurity.com

Core Security Technologies Advisory - Vivotek IP Cameras suffer from information leak, buffer overflow, authentication, path traversal, and command injection vulnerabilities. Vulnerable are Vivotek PT7135 IP camera with firmware 0300a, Vivotek PT7135 IP camera with firmware 0400a, and possibly others.

tags | exploit, overflow, vulnerability
advisories | CVE-2013-1594, CVE-2013-1595, CVE-2013-1596, CVE-2013-1597, CVE-2013-1598
SHA-256 | fa7660e4a137a97602dd52a3f2f89792f4eba90870562d6329ab58bbcacf03d9
Core Security Technologies Advisory 2011.0606
Posted Jun 30, 2011
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. A vulnerability in HP Data Protector could allow a remote attacker to execute arbitrary code. The vulnerability is triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector.

tags | exploit, remote, arbitrary
advisories | CVE-2011-1866
SHA-256 | efa1df6ff293fc879184a56101095c205856a98933d395ba652967d9bb7600a0
HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow
Posted Mar 23, 2011
Authored by Nahuel Riva, sinn3r | Site metasploit.com

This Metasploit module exploits a stack-based overflow in HP NNM's webappmon.exe. The vulnerability occurs when a long string of data is sent as OvJavaLocale's cookie value, OvWww.dll fails to properly do any bounds checking before this input is parsed in function OvWwwDebug(), which causes an overflow when sprintf_new() is called.

tags | exploit, overflow
advisories | CVE-2010-2709, OSVDB-66932
SHA-256 | ec5c964f51636ce7ba31b28775d66861ded19652e6b8966cbb73d25ac422b9da
Core Security Technologies Advisory 2010.0728
Posted Dec 13, 2010
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - The Intel Alert Handler service ('hndlrsvc.exe') fails to correctly process the 'CommandLine' field in the AMS request. A source address in a 'MOV' instruction is calculated from values present in the request, causing a remote denial-of-service.

tags | advisory, remote
advisories | CVE-2010-3268
SHA-256 | 55e5c8b436e323fd3f97ab13849257975ad0f4264ec70be10dbcab9dc97bde9d
SDTCleaner-v1.0.zip
Posted Jul 23, 2008
Authored by Nahuel Riva | Site coresecurity.com

SDT Cleaner is a small laboratory tool that attempts to restore the pointers installed by Anti-Virus and Firewalls in the SSDT (System Service Descriptor Table).

tags | virus
SHA-256 | bba5724287d4dfa2c7b4b791fa7251d9d037e14038c4ba65232fbf9c4a0c464a
Core Security Technologies Advisory 2007.0928
Posted Oct 11, 2007
Authored by Core Security Technologies, Gerardo Richarte, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability found in OpenBSD's dhcpd allows attackers on the local network to remotely cause the DHCP server to corrupt its process memory and crash; or continue functioning erratically thus denying service to all DHCP clients on the network and, if PF updates are in use, potentially affecting egress/ingress filtering as well. OpenBSD 4.0, 4.1, and 4.2 are affected.

tags | advisory, local
systems | openbsd
advisories | CVE-2007-0063
SHA-256 | cc127679daebed5635aaa505605a453c6446720485c7a6f386cb9d149b3fdbbc
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close