exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Silvio Cesare

First Active1999-08-17
Last Active2008-05-22
iDEFENSE Security Advisory 2008-05-21.1
Posted May 22, 2008
Authored by Silvio Cesare, iDefense Labs | Site idefense.com

iDefense Security Advisory 05.21.08 - Remote exploitation of a design error vulnerability in Snort, as included in various vendors' operating system distributions, could allow an attacker to bypass filter rules. Due to a design error vulnerability, Snort does not properly reassemble fragmented IP packets. When receiving incoming fragments, Snort checks the Time To Live (TTL) value of the fragment, and compares it to the TTL of the initial fragment. If the difference between the initial fragment and the following fragments is more than a configured amount, the fragments will be silently discard. This results in valid traffic not being examined and/or filtered by Snort. iDefense has confirmed the existence of this vulnerability in Snort 2.8 and 2.6. Snort 2.4 is not vulnerable.

tags | advisory, remote
advisories | CVE-2008-1804
SHA-256 | 71694e299caa136a88ff4553f89f1078e330d6913b0b76957abb0e2e9cfa6bff
iDEFENSE Security Advisory 2008-02-12.1
Posted Feb 12, 2008
Authored by Silvio Cesare, iDefense Labs | Site idefense.com

iDefense Security Advisory 02.12.08 - Remote exploitation of an integer overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2008-0318
SHA-256 | a41220bd562f0751be2d8a4c85b3aa329da8712ae380c55def9f43dd8a24c6b3
Gentoo Linux Security Advisory 200408-16
Posted Aug 19, 2004
Authored by Silvio Cesare, Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200408-16 - glibc contains an information leak vulnerability allowing the debugging of SUID binaries. Versions 2.3.2 and below are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 6d3a5de31a54a4551b867471c5569c8bb8f3f2783a41ac572e82eca0028bf877
stealth-syscall.txt
Posted Jun 5, 2001
Authored by Silvio Cesare | Site big.net.au

Stealth Syscall Redirection - This article describes a technique of redirecting system calls without modifying the sys call table (implemented in Linux). This can be used to evade intrusion detection systems that use the sys call table to register redirected or trojaned system calls. The basic premise behind this attack is to modify the old system call code to jump to the new system call, thus control is transferred to the replacement system call and the sys call table is left untouched.

tags | paper, trojan
systems | linux, unix
SHA-256 | b65637f6eb6460d4d82d35adddf11e37ba7cdf38d977e6f9f161d95599528e70
elf-pv.txt
Posted Aug 17, 1999
Authored by Silvio Cesare

An article on UNIX ELF PARASITES AND VIRUSES including a fully working parasite infector and binary virus for Linux (UNIX portable however). The parasites and virus described and given do not destroy the executeables functionality but instead as with many DOS viruses simply append new code to the image. Rudimentary techniques for disabling the parasites and virus is also described. (includes LONG rant at beginning by author).

tags | exploit, virus
systems | linux, unix
SHA-256 | 41101f0b3c5ca938f20c81b9751270536b75203824557fe9301873ac62f7da1e
runtime-kernel-kmem-patching.txt
Posted Aug 17, 1999
Authored by Silvio Cesare

Demonstration and proof of the concept that access to kernel memory is of great use to a system attacker. Source code, examples included, along with implementation of 'kinsmod', an insmod using the kmem device, _not_ using native LKM support. (includes LONG rant at beginning by author).

tags | exploit, kernel
SHA-256 | b765ec3942e83df5d7d759cdc3b9d55fb7410033fef82b213946f4d7255be5d7
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close