Showing 1 - 3 of 3

Files from K. Gudinavicius

First Active	2011-07-01
Last Active	2012-03-29

Microsoft ASP.NET Forms Authentication Bypass: Posted Mar 29, 2012; Authored by K. Gudinavicius, m | Site sec-consult.com; Microsoft ASP.NET Forms versions 4.0.30319.237 and below suffer from an authentication bypass vulnerability.; tags | exploit, asp, bypass; advisories | CVE-2011-3416; SHA-256 | 7432953a885d29ecc984b1dab18e4eeeb9ab253b2c398a82436125325e03bc71; Download | Favorite | View

Microsoft ASP.NET Forms Authentication Bypass: Posted Dec 30, 2011; Authored by K. Gudinavicius | Site sec-consult.com; Microsoft ASP.NET Forms suffers from a null byte termination authentication bypass vulnerability that exists in the CopyStringToUnAlingnedBuffer() function of the webengine4.dll library used by the .NET framework. The unicode string length is determined using the lstrlenW function. The lstrlenW function returns the length of the string, in characters not including the terminating null character. If the unicode string containing a null byte is passed, its length is incorrectly calculated, so only characters before the null byte are copied into the buffer.; tags | advisory, asp, bypass; advisories | CVE-2011-3416; SHA-256 | 294ae2596a2c31be82519bf63b2272b2e6a249e186db2e1ca5fab9dfb9f605e6; Download | Favorite | View

WordPress 3.1.3 / 3.2-RC1 SQL Injection: Posted Jul 1, 2011; Authored by K. Gudinavicius | Site sec-consult.com; WordPress versions 3.1.3 and 3.2-RC1 suffers from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; SHA-256 | 0a7900515451e312b78d781e902fcb08e0d2c379668d6c7b467866395e99972e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days