all things security
Showing 1 - 7 of 7 RSS Feed

Files from Markus Vervier

Email addressmarkus.vervier at lsexperts.de
First Active2012-03-09
Last Active2016-03-11
libotr 4.1.0 Memory Corruption
Posted Mar 11, 2016
Authored by Markus Vervier

A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages. While processing specially crafted messages, attacker controlled data on the heap is written out of bounds. No special user interaction or authorization is necessary in default configurations. libotr versions 4.1.0 and below are affected.

tags | exploit, remote, arbitrary
advisories | CVE-2016-2851
MD5 | 755a6a30a93f1774c13c4a8525548fc9
Perl 5.20.1 Deep Recursion Stack Overflow
Posted Sep 25, 2014
Authored by Markus Vervier | Site lsexperts.de

A stack overflow was discovered when serializing data via the Data::Dumper extension which is part of Perl-Core. By using the "Dumper" method on a large Array-Reference which recursively contains other Array-References, it is possible to cause many recursive calls to the DD_dump native function and ultimately exhaust all available stack memory.

tags | exploit, overflow, perl
advisories | CVE-2014-4330
MD5 | c8b48caeada762d8666434be872973f9
Check_MK Arbitrary File Disclosure
Posted May 29, 2014
Authored by Markus Vervier, Sascha Kettler | Site lsexperts.de

Check_MK suffers from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary
advisories | CVE-2014-0243
MD5 | e15f15a0ae3651e777086ddbeb456725
Sitepark Information Enterprise Server 2.9 Unauthenticated Access
Posted May 1, 2014
Authored by Markus Vervier, Sascha Kettler | Site lsexperts.de

LSE discovered that the installer of the Information Enterprise Server (IES) was available to unauthenticated users over HTTP. When updating from previous versions of IES, an installation form was not disabled after installation. In this case the servlet "/ies/install" was exposed to unauthenticated users. By accessing the servlet at URI "/ies/install/" on an affected IES server, an unauthenticated attacker was able to set a new password for the manager account. Additionally sensitive information regarding the IES installation was displayed.

tags | advisory, web
advisories | CVE-2014-3006
MD5 | 5adb88823ad7991765afbaa585695f19
rsyslog ElasticSearch Memory Corruption
Posted Jul 5, 2013
Authored by Markus Vervier, Marius Ionescu | Site lsexperts.de

rsyslog ElasticSearch plugin suffers from a double free memory corruption. rsyslog versions 7.4.0 stable through 7.4.1 stable and 7.3.2 devel through 7.5.1 devel are affected.

tags | advisory
advisories | CVE-2013-4758
MD5 | eea6c79e143ed123ecc4eddfa060448c
Avira AntiVir Engine Denial Of Service / Filter Evasion
Posted Jun 14, 2013
Authored by Markus Vervier, Eric Sesterhenn | Site lsexperts.de

Avira AntiVir Engine versions prior to 8.2.12.58 suffers from filter evasion and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
advisories | CVE-2013-4602
MD5 | 33a7c5d7e4adca9f7ea860cf86663cb5
PyPAM 0.4.2 Double-Free Corruption
Posted Mar 9, 2012
Authored by Markus Vervier | Site lsexperts.de

By supplying a NULL-byte to the PyPAM module, a double-free condition is triggered. This condition may allow for remote code execution. Proof of concept included.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2012-1502
MD5 | 3666f9ede248892233419bed48f01a47
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close