what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Marek Kroemeke

First Active2009-10-08
Last Active2016-02-02
A Tale of openssl_seal(), PHP, and Apache2handle
Posted Feb 2, 2016
Authored by Filip Palian, Marek Kroemeke, Mateusz Kocielski

openssl_seal() is prone to use uninitialized memory that can be turned into a code execution. This document describes technical details of the journey to hijack apache2 requests. It is a very well written and thoroughly documented piece of research.

tags | exploit, paper, code execution
SHA-256 | 7328b4676384b96b2489eec8e7c79cb066123cadf924ac7ffb3cdc3f203e52c4
FreeBSD Security Advisory - IGMP Integer Overflow
Posted Apr 8, 2015
Authored by Marek Kroemeke, Mateusz Kocielski | Site security.freebsd.org

FreeBSD Security Advisory - An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation. An attacker who can send specifically crafted IGMP packets could cause a denial of service situation by causing the kernel to crash. Revision 2 of this advisory.

tags | advisory, denial of service, overflow, kernel
systems | freebsd
advisories | CVE-2015-1414
SHA-256 | 07777cd1ce7f35b3c30e664d16946ac2cbbf3e05394da44684d68f4bff1b372a
Varnish Cache 4.03 Buffer Overflow
Posted Mar 10, 2015
Authored by Filip Palian, Marek Kroemeke, Akat1

Varnish Cache version 4.0.3 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 2b10a0518f442a736ea3e86364fcb47251a1b0e1853674a11d5a6b920b9b9cd1
FreeBSD Security Advisory - IGMP Integer Overflow
Posted Feb 26, 2015
Authored by Marek Kroemeke, Mateusz Kocielski | Site security.freebsd.org

FreeBSD Security Advisory - An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation. An attacker who can send specifically crafted IGMP packets could cause a denial of service situation by causing the kernel to crash.

tags | advisory, denial of service, overflow, kernel
systems | freebsd
advisories | CVE-2015-1414
SHA-256 | 76ae1889e6e180016123dbcd9d01a3c9f96266857a6c54bf55851337ed754719
Apache 2.4.x mod_proxy Denial Of Service
Posted Jul 22, 2014
Authored by Marek Kroemeke, AKAT-1, 22733db72ab3ed94b5f8a1ffcde850251fe6f466

Apache versions 2.4.x prior to 2.4.10 suffer from a denial of service condition when mod_proxy is in use.

tags | exploit, denial of service
advisories | CVE-2014-0117
SHA-256 | 89f9be9f6016af3dc6c28477576b16ea8b93226b5b1b1046b09db2be7cbe5c3d
PHP Socket connect() Stack Buffer Overflow
Posted May 25, 2011
Authored by Filip Palian, Marek Kroemeke, Mateusz Kocielski

PHP socket connect() stack buffer overflow proof of concept code.

tags | exploit, overflow, php, proof of concept
advisories | CVE-2011-1938
SHA-256 | 6abcba91bf7177e20f4ef770653563e589f25adaafe8dc216b107fff5b5e35b9
Riorey RIOS Hardocded Password
Posted Oct 8, 2009
Authored by Marek Kroemeke

Riorey DDoS mitigation appliances suffer from a very poor design vulnerability where they have a hardcoded root login and password for automation. Fail!

tags | exploit, root
SHA-256 | 29c26502b9e544b424841c7d7e3ccd28614e8629e9e6f9e8c76dac87a75fd345
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close