what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files from eEye Digital Security

Email addressinfo at eeye.com
First Active1999-08-17
Last Active2007-12-08
CAID-brightstor.txt
Posted Dec 8, 2007
Authored by eEye Digital Security, Pedram Amini, cocoruder, Tenable Network Security, Dyon Balding, shirkdog | Site www3.ca.com

CA Security Advisory - Multiple vulnerabilities exist in BrightStor ARCserve Backup that can allow a remote attacker to cause a denial of service, execute arbitrary code, or take privileged action.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-5326, CVE-2007-5329, CVE-2007-5327, CVE-2007-5325, CVE-2007-5328, CVE-2007-5330, CVE-2007-5331, CVE-2007-5332
SHA-256 | eeb6c53417ccc26b912aa3b7ee71b7c4d770d635ec4f613ec8a5036d63014596
eEye Security Advisory 2004-10-12
Posted Oct 24, 2004
Authored by eEye Digital Security | Site eeye.com

eEye Security Advisory - Windows VDM #UD Local Privilege Escalation. Describes in more detail but with different terminology the "shatter" attacks corrected by MS04-032, and also discussed in a paper by Brett Moore.

tags | advisory, local
systems | windows
SHA-256 | 6d969851dce47717c7c8d2b34a7d86e3e4b6339359ea1b5ff2767ce9961e7872
eEye.iss.txt
Posted Mar 19, 2004
Authored by eEye Digital Security | Site eEye.com

eEye Security Advisory - A critical vulnerability has been discovered in the PAM component used in all current ISS host, server, and network device solutions. A routine within the Protocol Analysis Module (PAM) that monitors ICQ server responses contains a series of stack based buffer overflow vulnerabilities. If the source port of an incoming UDP packet is 4000, it is assumed to be an ICQ v5 server response. Any incoming packet matching this criterion will be forwarded to the vulnerable routine. By delivering a carefully crafted response packet to the broadcast address of a network operating RealSecure/BlackICE agents an attacker can achieve anonymous, remote SYSTEM access across all vulnerable nodes.

tags | advisory, remote, overflow, udp, vulnerability, protocol
SHA-256 | c6c0d8948e71c161a5add829f745ebab0f86413f58d23225b1380cf524cb01c0
eEye.realsecure.txt
Posted Feb 27, 2004
Authored by eEye Digital Security | Site eEye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in both RealSecure and BlackICE. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. This attack will succeed with BlackICE using its most paranoid settings.

tags | advisory, remote, arbitrary
SHA-256 | 93cd5a0b4754b466a9453652642e3208192566bab669f59e2f78794309c03ac3
eEye.Zonelabs.txt
Posted Feb 19, 2004
Authored by eEye Digital Security | Site eEye.com

eEye Security Advisory - Zonelabs Pro/Plus/Integrity versions 4.0 and above are susceptible to a stack based buffer overflow within vsmon.exe that can be exploited to execute code with the context of the SYSTEM account. The vulnerability exists within the component responsible for processing the RCPT TO command argument.

tags | advisory, overflow
SHA-256 | a0725e7ec08055483e5b54ac2703231057838074d0fb3f3ce1007b83e9fe049d
eEye.ASN1-2.txt
Posted Feb 11, 2004
Authored by eEye Digital Security | Site eEye.com

eEye Security Advisory - eEye Digital Security has discovered a second critical vulnerability in Microsoft's ASN.1 library (MSASN1.DLL) that allows an attacker to overwrite heap memory with data he or she controls and cause the execution of arbitrary code. ASN.1 is an industry standard used in a variety of binary protocols, and as a result, this flaw in Microsoft's implementation can be reached through a number of Windows applications and services. Ironically, the security-related functionality in Windows is especially adept at rendering a machine vulnerable to this attack, including Kerberos (UDP/88) and NTLMv2 authentication (TCP/135, 139, 445).

tags | advisory, arbitrary, udp, tcp, protocol
systems | windows
SHA-256 | 8815b9231e3ce56295d951ce888973253d6699e1085fcffeabace7cd8f1ce3df
eEye.ASN1-1.txt
Posted Feb 11, 2004
Authored by eEye Digital Security | Site eEye.com

eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Microsoft's ASN.1 library (MSASN1.DLL) that would allow an attacker to overwrite heap memory on a susceptible machine and cause the execution of arbitrary code. Because this library is widely used by Windows security subsystems, the vulnerability is exposed through an array of avenues, including Kerberos, NTLMv2 authentication, and applications that make use of certificates (SSL, digitally-signed e-mail, signed ActiveX controls, etc.).

tags | advisory, arbitrary, activex
systems | windows
SHA-256 | 1de333b1ddd32e19f140c70af8d8745df36130a84594833d58298734c09ce432
eeye.flash.6.0.65.0.txt
Posted Dec 21, 2002
Authored by eEye Digital Security | Site eEye.com

Macromedia Shockwave Flash Malformed Header Overflow #2 - Macromedia Flash Player versions less than 6.0.65.0 allows remote code execution via HTML email and web pages. Fix available here.

tags | advisory, remote, web, overflow, code execution
SHA-256 | 018888a6c288f72d88dd0f5fddd22ecea22e5d438947c9dabdd5059490d624a6
eeye.png.txt
Posted Dec 14, 2002
Authored by eEye Digital Security | Site eEye.com

EEye Security Advisory - During a review of the PNG image format implemented in Microsoft Windows, pngfilt.dll, serious vulnerabilities were discovered related to the interpretation of PNG image data. The more serious bug is a heap overflow which can be exploited to execute code when the malicious PNG image is viewed. IE 5.01-6.0 is vulnerable, along with the IE web control for Outlook, Access 2000, Backoffice, Microsoft Visual Studio .NET 2002, Office 2000, Office XP pro, Project 2002 Professional, Publisher 98, SNA Server 4.0, SQL Server 7.0, Visio 2002, Visual Basic .NET Standard 2002, Visual C, Visual C++ .NET Standard 2002, Visual FoxPro 7.0, Visual Studio 6.0, Windows 2000, Windows 95, Windows 98, NT, and XP. Microsoft advisory is ms02-066.

tags | advisory, web, overflow, vulnerability
systems | windows
SHA-256 | f11b994b879980c3165d71f5cef07811d6d5feb5f65c16286a58a35a2b0cacf3
eeye.htr2.txt
Posted Jun 13, 2002
Authored by eEye Digital Security | Site eEye.com

Eeye Advisory - IIS 4.0 and 5.0 for Windows NT and 2000 contain a remotely exploitable heap overflow which allows remote code execution. The bug is in transfer chunking in combination with the processing of HTR request sessions.

tags | remote, overflow, code execution
systems | windows
SHA-256 | 48ccb83f54a8646059f912592e5f6d519b887ca5833838d10ec76f21014b6fa0
eEye-MSN-CHAT-OCX.txt
Posted May 13, 2002
Authored by eEye Digital Security, Drew Copley | Site eEye.com

A buffer overflow vulnerability has been found by eEye in the parameter handling of the MSN Messenger OCX and can allow remote code execution on affected systems.

tags | remote, overflow, code execution
SHA-256 | 76df0e68a796ea743a0cc568c84f1055d8df681f7945e0a436d49f5ed4e21b47
flash.overflow.txt
Posted May 5, 2002
Authored by eEye Digital Security | Site eEye.com

Macromedia Flash ActiveX Buffer overflow - Flash ActiveX Ocx Version 6, revision 23 and below contains a remotely exploitable buffer overflow which leads to the execution of attacker supplied code via email, web or any other avenue in which Internet Explorer is used to display html that an attacker can supply. All users of Internet Explorer are potentially vulnerable.

tags | web, overflow, activex
SHA-256 | c6c8ca1f7b23f1726dfc2ae5a03d47ea1e5728d9a0f6a3cd3a1e16082fa3c47f
IISHack1.5.zip
Posted Nov 5, 2000
Authored by eEye Digital Security | Site eEye.com

IISHack 1.5 attempts to remotely exploit a local buffer overflow in the IIS 4.0 and 5.0 .asp file parsing mechanism using the unicode bug, resulting in remote system access.

tags | exploit, remote, overflow, local, asp
SHA-256 | afcef2c9b91202ec97d8ad74851f7050f034f962c38fb8bf8733f531b474694d
eeye.iishack-1.5.txt
Posted Nov 5, 2000
Authored by eEye Digital Security | Site eEye.com

A buffer overflow has been discovered in the IIS 4.0 and 5.0 .asp file parsing mechanism. When IIS reads a malformed .asp file, code can be executed to take control of the local server as system. This can be exploited remotely by combining with the unicode bug or by paying for a web hosting account.

tags | web, overflow, local, asp
SHA-256 | 55452aba2566040a0d3cd658472e5693c9fb1752803985a1aceccb5a5abe6090
iis-ftp-exploit-DoS.txt
Posted Aug 17, 1999
Authored by eEye Digital Security

IIS FTP Exploit/DoS Attack - Buffer Overflow in 3.0 and 4.0 versions of IIS results in Denial of Service attacks and possibility of remote execution of code.

tags | exploit, remote, denial of service, overflow
SHA-256 | 3687bfadb19cc6a2e0d5e948ff65192fdc8c3f9c83b1b9487250ad80a22e4da9
retina.vs.iis4-round2-the.brain.txt
Posted Aug 17, 1999
Authored by eEye Digital Security

Detailed description of the Brain File used to uncover the eEye NT4+IIS4 URL buffer overflow remote exploit.

tags | exploit, remote, overflow
SHA-256 | 9ccb8012a7fa14933beb8e4aa92ca1c05c22e3d03e3eed20ffe537042503fb10
retina.vs.iis4-round2-the.exploit.txt
Posted Aug 17, 1999
Authored by eEye Digital Security

Details about how and why the eEye NT4+IIS4 URL buffer overflow remote exploit hole was exploited and released.

tags | exploit, remote, overflow
SHA-256 | d4bc30711d23b93629e3af8119fa500bae9d918c2ecb58bc72ef2fa9b3d36f87
retina.vs.iis4-round2.txt
Posted Aug 17, 1999
Authored by eEye Digital Security

General description of the eEye NT4+IIS4 URL buffer overflow remote exploit.

tags | exploit, remote, overflow
SHA-256 | 6a3eff4bb72d597d70ae5dc2c7d4680f46c2714618348baced0db5374695a7c8
iishack.asm
Posted Aug 17, 1999
Authored by eEye Digital Security

asm source code for the eEye NT4+IIS4 URL buffer overflow remote exploit. Use with one of the ncx* files.

tags | exploit, remote, overflow
SHA-256 | 11759f245563a0a577e93805db9657a7e367501a6b60fb28aa65fcb2ed054e04
iishack.exe
Posted Aug 17, 1999
Authored by eEye Digital Security

Executable eEye NT4+IIS4 URL buffer overflow remote exploit program. Use with one of the ncx* files.

tags | exploit, remote, overflow
SHA-256 | d285726fc63c31e1e2f636ea8777450b6d158051c05201b7d4200dc46f474b37
ncx.exe
Posted Aug 17, 1999
Authored by eEye Digital Security

Hacked netcat-based trojan used to exploit the eEye NT4+IIS4 URL remote buffer overflow - gain remote control over NT servers with this backdoor.

tags | exploit, remote, overflow, trojan
SHA-256 | 58760eddc454eb83a69dac7dc6375a069fb4ee2c796b229db876d1cff6d09a5f
ncx99.exe
Posted Aug 17, 1999
Authored by eEye Digital Security

Hacked netcat-based trojan used to exploit the eEye NT4+IIS4 URL remote buffer overflow (for use on port 99) - gain remote control over NT servers with this backdoor.

tags | exploit, remote, overflow, trojan
SHA-256 | f2d006d20ae413f942415387e47af01ebe36de35fde4257e1409f94b016fbb80
brain.ini
Posted Aug 17, 1999
Authored by eEye Digital Security

The actual Brain File used by Retina to uncover the IIS4 URL buffer overflow.

tags | exploit, overflow
SHA-256 | 5d0225f1fc6f4665ef5f013e34f3ce9fe67098a8cf65c73b013c630a4b9e2de7
eEye.retina.vs.iis4.txt
Posted Aug 17, 1999
Authored by eEye Digital Security

Security hole in Windows NT 4 web servers running IIS allows remote attacker to execute arbitrary code. Detailed exploit description, four exploit scripts (2 perl, 2 C), VB app fix, Microsoft advisory, CERT advisory, more.

tags | exploit, remote, web, arbitrary, perl
systems | windows
SHA-256 | 41fd168e89f3d3b4ff7eff7dea59d4702f8bd805da153a3bc0c70bb7468b80e0
eEye.retina.vs.iis4.zip
Posted Aug 17, 1999
Authored by eEye Digital Security

Complete package of the eEye NT4+IIS4 URL buffer overflow remote exploit advisory and code. Includes: retina.vs.iis4-round2.txt, retina.vs.iis4-round2-the.brain.txt, retina.vs.iis4-round2-the.exploit.txt, brain.ini, iishack.asm, iishack.exe, ncx.exe, ncx99.exe.

tags | exploit, remote, overflow
SHA-256 | 394741db75ec0ba4e9f4e5581c6e248983aa36aa9a23bcc7c3b35abd87b8aed8
Page 1 of 2
Back12Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close