what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files from Andy Davis

Email addressiosftpexploit at googlemail.com
First Active2008-07-29
Last Active2014-03-27
USB Attacks Need Physical Access Right? Not Any More...
Posted Mar 27, 2014
Authored by Andy Davis | Site nccgroup.com

NCC Group Research Director Andy Davis presented 'USB Attacks Need Physical Access Right? Not Any More...' at this year's BlackHat Asia in Singapore. Due to recent advances in a number of remoting technologies, USB attacks can now be launched over a network. The talk went into detail about how these technologies work, the resulting impact on the world of USB bugs and included a live demo remotely triggering a USB kernel bug in Windows 2012 server.

tags | paper, kernel
systems | windows
SHA-256 | 6b69c9ca16bc7b4b25c8eaf51bdad117771585a02daec7c27db6c045043dfa9c
iOS 7 Arbitrary Code Execution
Posted Mar 14, 2014
Authored by Andy Davis | Site nccgroup.com

iOS 7 suffered from an arbitrary code execution vulnerability in kernel mode.

tags | exploit, arbitrary, kernel, code execution
advisories | CVE-2014-1287
SHA-256 | a80dfd22eb4297c3c38e28620d240742691ea94f1473c9e9c446334c23938dff
Oracle Database 11g NULL Pointer
Posted May 2, 2013
Authored by Andy Davis | Site nccgroup.com

Oracle Database 11g suffers from a null pointer denial of service vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, denial of service
SHA-256 | 7366e77f697aca2ecdba7bfb457e1fe1dfc05c93aea874d256f1f2686baea2f7
Oracle Database 11g Denial Of Service
Posted May 2, 2013
Authored by Andy Davis | Site nccgroup.com

Oracle Database 11g suffers from a denial of service vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, denial of service
SHA-256 | 60d5de1a200f206f295e52a01fff891d50942ff110a36d295495ac71804abc8b
Microsoft Windows USB RNDIS Overflow
Posted Mar 18, 2013
Authored by Andy Davis | Site nccgroup.com

NCC Group has discovered a USB RNDIS driver kernel pool overflow in Microsoft Windows. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, overflow, kernel
systems | windows
SHA-256 | b67f78c8f27b85aad58afde12e4da95467a1c87bf89d8c723683988c3105422c
Apple Mac OS X Lion Arbitrary Code Execution
Posted Sep 28, 2012
Authored by Andy Davis | Site ngssecure.com

Andy Davis of NCC Group has discovered an arbitrary code execution vulnerability in Apple OS X Lion versions 10.7 to 10.7.4 and OS X Lion Server versions 10.7 to 10.7.4.

tags | advisory, arbitrary, code execution
systems | apple, osx
SHA-256 | 4d92bdc3d4a04a081d6ffd6f55afa9423679f106f5b331ef53e98497ba57edae
Samba Remote Code Execution
Posted Feb 27, 2012
Authored by Andy Davis | Site ngssecure.com

Samba versions up to 3.4.0 suffer from a code execution vulnerability.

tags | advisory, code execution
advisories | CVE-2012-0870
SHA-256 | 3c60f7d6b21aa91e993400833006fa77981a0d39cf04dc6c46f58d279e888523
BlackBerry PlayBook Samba Remote Code Execution
Posted Feb 24, 2012
Authored by Andy Davis | Site ngssecure.com

BlackBerry PlayBook suffers from a samba related code execution vulnerability. Tablet versions prior to 2.0.0.7971 are affected.

tags | advisory, code execution
SHA-256 | 1afc8a7ff4c33e0b84d61b7fd3ad9ea453b1ab6f4c8645898025d843d0ecb99c
Solaris 11 USB Hub Class Descriptor Kernel Stack Overflow
Posted Nov 2, 2011
Authored by Andy Davis | Site ngssecure.com

It was discovered that a local attacker can send a malformed USB hub class descriptor via a malicious USB device and trigger a kernel stack overflow in Solaris versions 8, 9, 10, and 11 Express.

tags | advisory, overflow, kernel, local
systems | solaris
SHA-256 | a80d1f9f52f13b9e8415d9d58079861c76c46a4c8467e2a7cfa25f5c7369fe03
Lumension Device Control Memory Corruption
Posted Aug 25, 2011
Authored by Andy Davis | Site ngssecure.com

Lumension Device Control (formerly Sanctuary) version 4.4 SR6 suffers from a remote memory corruption vulnerability.

tags | exploit, remote
SHA-256 | c57ef1704cb0c41b6705165642f98b7d6449b19cbe982463e50749ab3173be60
ios-shellcode.txt
Posted Aug 22, 2008
Authored by Andy Davis

Version-independent IOS shellcode that does not require hard-coded IOS addresses.

tags | shellcode
systems | cisco
SHA-256 | a8749a2b8fbe30c8e89d87a164b28543061e8b5d42e9fadf68560774e487a883
cisco-iosftp.txt
Posted Aug 13, 2008
Authored by Andy Davis

Cisco IOS FTP server exploit step-by-step instructions which includes information on connecting to a Cisco router using gdb.

tags | paper
systems | cisco
SHA-256 | ae635a76307aaf65d0cd771afdc2ccb4754e8f175174fd6311f79b519ae837af
cisco-shellcode.txt
Posted Jul 31, 2008
Authored by Andy Davis

A follow up regarding the shellcode used in the Cisco IOS FTP exploit detailing everything used.

tags | shellcode
systems | cisco
SHA-256 | e9bd62308e9ef7d31d26080e42ff90895b52c336e707b2c958fabe963635cb3a
Cisco Security Advisory 20070509-iosftp.c
Posted Jul 29, 2008
Authored by Cisco Systems, Andy Davis

Cisco IOS FTP server remote exploit that escalates privileges to level 15. Specific hard-coded addresses are for IOS 12.3(18) on a 2621XM router. Slightly crippled forcing this to only work when the router is connected to a debugger.

tags | exploit, remote
systems | cisco
SHA-256 | d54246014babb4c769cae5fee17eb1d8d2663d37a25a025002299897d93a764a
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close