Showing 1 - 9 of 9

Files from Matthew Daley

OpenSSH User Enumeration: Posted Dec 5, 2018; Authored by Matthew Daley, Justin Gardner, Lee David Painter; OpenSSH versions prior to 7.7 suffer from a user enumeration vulnerability.; tags | exploit; advisories | CVE-2018-15473; SHA-256 | 4859577142cc1049d3959af66839a236a04781ada4ed91ed9ebe565b43f98029; Download | Favorite | View

OpenSSH 7.x Username Enumeration: Posted Aug 16, 2018; Authored by Matthew Daley; OpenSSH versions 2.3 up to 7.4 suffer from a username enumeration vulnerability.; tags | exploit; SHA-256 | 5b89ae3c3cfc697123f753a66e100e36a1f19ae7a11ab2e0b7081e0e195522af; Download | Favorite | View

Veritas/Symantec Backup Exec SSL NDMP Connection Use-After-Free: Posted Jun 29, 2017; Authored by Matthew Daley | Site metasploit.com; This Metasploit module exploits a use-after-free vulnerability in the handling of SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for Windows. When SSL is re-established on a NDMP connection that previously has had SSL established, the BIO struct for the connection's previous SSL session is reused, even though it has previously been freed. This Metasploit module supports 3 specific versions of the Backup Exec agent in the 14, 15 and 16 series on 64-bit and 32-bit versions of Windows and has been tested from Vista to Windows 10.; tags | exploit, remote; systems | windows; advisories | CVE-2017-8895; SHA-256 | 18615ac29398d7f2d7f4f16eff1790cc387a69c2808a4e6bb7a5632253c7e45f; Download | Favorite | View

Veritas Backup Exec Remote Agent For Windows Use-After-Free: Posted May 27, 2017; Authored by Matthew Daley; Veritas Backup Exec Remote Agent for Windows suffers from a use-after-free vulnerability. All versions before Backup Exec 16 FP1, Backup Exec 15 14.2.1180.3160, and Backup Exec 2014 14.1.1187.1126 are affected.; tags | advisory, remote; systems | windows; advisories | CVE-2017-8895; SHA-256 | 8ceb02397eea9ab98abf9619f4ab71f85b7ac2f8ffa9d669f5e674239b69ebd6; Download | Favorite | View

Apache OpenMeetings 3.1.0 Cross Site Scripting: Posted Aug 12, 2016; Authored by Matthew Daley; Apache OpenMeetings version 3.1.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 7cd4363e2b99732754cd02499cfb4501e7c27fb5b0c5ad53d5bfc6fcb86f6281; Download | Favorite | View

GoAhead 3.4.1 Heap Overflow / Traversal: Posted Mar 28, 2015; Authored by Matthew Daley; GoAhead web server versions 3.0.0 through 3.4.1 suffers from heap overflow and directory traversal vulnerabilities.; tags | exploit, web, overflow, vulnerability, file inclusion; advisories | CVE-2014-9707; SHA-256 | 6fb18dfd80ce463f675f713e9ebec9b8c5a991abc545cf1b1fbf82cc2f64697b; Download | Favorite | View

Appweb Web Server Denial Of Service: Posted Mar 28, 2015; Authored by Matthew Daley; Appweb Web Server suffers from a denial of service vulnerability.; tags | exploit, web, denial of service; advisories | CVE-2014-9708; SHA-256 | e59a4ebe08e7c3f7777a2c603a71d5db8d059f0c0ece77091aadd4aa5da52401; Download | Favorite | View

Linux Kernel 3.15-rc4 PTY Race Condition: Posted May 14, 2014; Authored by Matthew Daley; Linux Kernel versions above 3.14-rc1 and below 3.15-rc4 raw mode PTY local echo race condition privilege escalation proof of concept exploit. This bug also affects kernel 2.6.31-rc3 and newer.; tags | exploit, kernel, local, proof of concept; systems | linux; advisories | CVE-2014-0196; SHA-256 | 3e2aeb3682476066fd47d615fa123347b94017a25a410fef128e012fea785cdf; Download | Favorite | View

Oracle Virtualbox Overflow / Type Confusion / Missing Validation: Posted Feb 8, 2014; Authored by Matthew Daley; Oracle Virtualbox suffered from overflow, type confusion, missing validation, and other issues.; tags | advisory, overflow; advisories | CVE-2013-5892, CVE-2014-0407, CVE-2014-0405, CVE-2013-5892, CVE-2014-0406, CVE-2014-0404; SHA-256 | 2ef57d82dffef7c08895823360db3a1acc0b743bdb1ec3f631d377d2bb52be77; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days