what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Paul Harrington

First Active2010-06-15
Last Active2011-07-09
Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow
Posted Jul 9, 2011
Authored by Travis Warren, sinn3r, Paul Harrington | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in process bcaaa-130.exe (port 16102), which comes as part of the Blue Coat Authentication proxy. Please note that by default, this exploit will attempt up to three times in order to successfully gain remote code execution (in some cases, it takes as many as five times). This can cause your activity to look even more suspicious. To modify the number of exploit attempts, set the ATTEMPTS option.

tags | exploit, remote, overflow, code execution
SHA-256 | ba8634a1f89adc72bb1fa6c7125d662b2e0d1e9a7d1b79249e69e1b06460f06e
Blue Coat BCAAA Remote Code Execution
Posted Jul 7, 2011
Authored by Paul Harrington | Site ngssecure.com

The software referred to as BCAAA (Blue Coat Authentication and Authorization Agent) is installed on a domain server (not necessarily a domain controller, a member server is enough) and acts as an intermediary between a Blue Coat ProxySG and the domain. The BCAAA Windows Service is vulnerable to a stack-based buffer overflow, this can lead to remote code execution running with SYSTEM privileges. Affected are all versions of BCAAA associated with ProxySG releases 4.2.3, 4.3, 5.2, 5.3, 5.4, 5.5, and 6.1 available prior to April 21, 2011 or with a build number less than 60258. All versions of BCAAA associated with ProxyOne are also vulnerable.

tags | exploit, remote, overflow, code execution
systems | windows
SHA-256 | 54bac8253d4a2373e84fd3215e027da96d0d0887a6fbb0fdaedba7dac543322f
Mac OS X 10.6.6 Camera Raw Library Memory Corruption
Posted Jul 5, 2011
Authored by Paul Harrington | Site ngssecure.com

A corrupt Canon Camera RAW file (.CR2) can cause a crash in the RawCamera library. This affects viewing files in both the Preview.app application or via Quick Look. Mac OS X 10.6.6 with RawCamera.bundle versions prior to 3.6 are affected.

tags | advisory
systems | apple, osx
SHA-256 | bfa974140fd1bf14906e974ca1afd9e9e4884f61c2b178a9aa19ede528e993e7
Immunity Debugger Buffer Overflow
Posted Mar 22, 2011
Authored by Paul Harrington | Site ngssecure.com

Immunity Debugger version 1.73 contains a buffer overflow vulnerability in its HTTP update mechanism.

tags | advisory, web, overflow
SHA-256 | eb3222763fbd249397289a12e1bfee1c09d0425cad699d675e1553a2e8d4d505
Apple Mac OS X Image RAW Multiple Buffer Overflows
Posted Mar 22, 2011
Authored by Paul Harrington | Site ngssecure.com

Paul Harrington of NGS Secure has discovered a high risk vulnerability in Mac OS X Image RAW. Multiple buffer overflow issues existed in Image RAW's handling of Canon RAW images. Viewing a maliciously crafted Canon RAW image may result in an unexpected application termination or arbitrary code execution. Versions affected include Mac OS X 10.6 through 10.6.6, Mac OS X Server 10.6 through 10.6.6 with RawCamera.bundle versions prior to 3.6.

tags | advisory, overflow, arbitrary, code execution
systems | apple, osx
SHA-256 | fc0b316cf82ddc0ac592117f4d7ddb4c7b690bf50443ed7dbdc636202f42012d
MacOS X EvoCam HTTP GET Overflow
Posted Jun 15, 2010
Authored by dookie, Paul Harrington | Site metasploit.com

This Metasploit module exploits a stack overflow in the web server provided with the EvoCam program for Mac OS X. We use Dino Dai Zovi's exec-from-heap technique to copy the payload from the non-executable stack segment to heap memory. Vulnerable versions include 3.6.6, 3.6.7, and possibly earlier versions as well. EvoCam version 3.6.8 fixes the vulnerability.

tags | exploit, web, overflow
systems | apple, osx
SHA-256 | 1c923c534030db638a49cbc2059c3e52cb7a34e60ab4c8b6bd58d2cf5b383ff5
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close