what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files from Marc Ruef

Real NameMarc Ruef
Email addressprivate
First Active2000-07-18
Last Active2013-10-28
View User Profile
MobileIron 4.5.4 Cross Site Scripting
Posted Oct 28, 2013
Authored by Marc Ruef, Pascal Schaufelberger

MobileIron version 4.5.4 suffers from a cross site scripting vulnerability in the device registration functionality.

tags | exploit, xss
SHA-256 | 0086a60987e5725b61729a566ad575d52c9d7f81ffe6150d619bb1da469fb747
Nmap NSE Vulscan 2.0
Posted Aug 14, 2013
Authored by Marc Ruef

This is a NSE script written for nmap that adds vulnerability scanning.

Changes: Added version identification support, which may improve the accuracy of findings as long as the linked vulnerability databases provide version information. Squashed a parsing bug if the server response did contain a special character. This caused the script to fail under some circumstances.
tags | tool, nmap
systems | unix
SHA-256 | 83f3c568ec7872a28bedb9da04a868377573b2544d75b2e1d2a7e96f0de281aa
Nmap NSE Vulscan 1.0
Posted Jun 25, 2013
Authored by Marc Ruef

This is a NSE script written for nmap that adds vulnerability scanning.

Changes: Better performance. Support for dynamic report templates, your own CSV-based vulnerability database, and more. Better error handling and more debug output.
tags | tool, nmap
systems | unix
SHA-256 | a36473e6e38e4484f78ca4df6a612d03afa635b3f67c7fc0ab609db50416ec42
Shemes Grabbit NZB Date Denial Of Service
Posted Jul 8, 2010
Authored by Marc Ruef | Site scip.ch

Shemes Grabbit suffers from a malicious NZB file related denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | dd8f4bd253788e849c9c760e1204e9c3a0cbaaa54947b455f67903536f36ac84
Skype Client For Mac Chat Unicode Denial Of Service
Posted Jun 23, 2010
Authored by Marc Ruef | Site scip.ch

The Skype client for Mac Chat suffers from a unicode related denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | f948952222defade88deecce448672cc4c9753535691afb7597dc9381db5ac14
Message-ID Fingerprinting Tool
Posted Sep 15, 2009
Authored by Marc Ruef | Site scip.ch

Midfp (Message-ID Fingerprinter) determines the mail client from the message-id which is included in an email. It analyzes the structure of the message-id and compares it with regular expressions against a database.

tags | tool, forensics
SHA-256 | a19386eab491198b5cf2bc2b4bc7bcce52d33d930d405033f5efcddbd4e4edcb
IBM Lotus Notes 8.5 RSS Widget Privilege Escalation
Posted Sep 10, 2009
Authored by Marc Ruef | Site scip.ch

IBM Lotus Notes version 8.5 suffers from a RSS widget privilege escalation vulnerability.

tags | advisory
SHA-256 | df967d2e5f81410f4465fd7e61108a192978fb101774f40b0156c2bab1af6b24
telnetrecon Telnet Server Fingerprinting Tool
Posted Dec 31, 2008
Authored by Marc Ruef | Site computec.ch

telnetrecon is a tool for doing research in the field of telnet server fingerprinting.

tags | tool, scanner
systems | unix
SHA-256 | 381794d4db9b91bdb21324d29c26bbe0f88acaa4c731fbf8f51b1ce50be71322
pro2col-xss.txt
Posted Sep 12, 2008
Authored by Marc Ruef | Site scip.ch

Pro2col StingRay FTS suffers from a cross site scripting vulnerability via the login username functionality.

tags | exploit, xss
SHA-256 | 24f6911ba28f77c3b0dd0a5756d49433a480655e4285e291ee815c73fe7b74da
scip-dlink.txt
Posted Sep 8, 2008
Authored by Marc Ruef | Site scip.ch

The D-Link DIR-100 suffers from a long url filter evasion vulnerability.

tags | advisory
SHA-256 | 32012424d05f55871c7620c41ba3f2686d855405288fec574d38d174b7c7eebd
scip-dreambox.txt
Posted Aug 29, 2008
Authored by Marc Ruef | Site scip.ch

An input validation error within the web interface of Dreambox model DM500C allows for a denial of service condition.

tags | advisory, web, denial of service
SHA-256 | b07f925091a95eb3ffd99e8e205d865b485e692d12f1fceebd5a4600fea29e9e
browserrecon-1.0-php.tar.gz
Posted May 9, 2008
Authored by Marc Ruef | Site computec.ch

browserrecon is a framework that performs client-side HTTP fingerprinting. Be sure to hit their site to download the latest fingerprints database.

tags | web
SHA-256 | d37d7efea8951475554a42f5248c7e1de2b4115e3f323ebdd096383e01fbbb38
httprecon-1.3src.zip
Posted Dec 12, 2007
Authored by Marc Ruef | Site computec.ch

httprecon is an advanced web server fingerprinting tool that makes use of nine test cases when mapping the target service. Source release.

tags | web
SHA-256 | 91f9586eb1d62dde8af49f5b3147bb53e12765f765715a3cee066448fe4917f1
httprecon-1.3.zip
Posted Dec 12, 2007
Authored by Marc Ruef | Site computec.ch

httprecon is an advanced web server fingerprinting tool that makes use of nine test cases when mapping the target service. Win32 binary release.

tags | web
systems | windows
SHA-256 | 9cd458eff1ac5c4bfc1d2f1bc04c68bfa192fbc60705474af3aa7bbb0acd7305
scip-sitescape.txt
Posted Jul 13, 2007
Authored by Marc Ruef | Site scip.ch

SiteScape Forum versions prior to 7.3 suffer from an input validation flaw that allows for arbitrary javascript insertion.

tags | exploit, arbitrary, javascript
SHA-256 | 093f753a1723a404dac3f95d19723da79cf687420ced67ae4808de6b3d6f4f12
cisco-input.txt
Posted May 24, 2007
Authored by Marc Ruef, Stefan Friedli | Site scip.ch

An input validation vulnerability exists in the Cisco CallManager version 4.1 and possibly in earlier versions as well.

tags | exploit
systems | cisco
SHA-256 | e8ec52bed7f7a15a6801ff5345ef0d8dcd9b16a7993afa2f2e9359f96d9661e7
hordeXSS-2.txt
Posted Aug 27, 2006
Authored by Marc Ruef | Site scip.ch

The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in search.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.

tags | advisory, php, xss
SHA-256 | 26c3ceb148d5508570a99beb7063062a83fe03cece6d91d209c274554ed67c30
hordeXSS.txt
Posted Aug 27, 2006
Authored by Marc Ruef | Site scip.ch

The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in index.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.

tags | advisory, php, xss
SHA-256 | 7c57bc41e7ce313d1d89a5dbbcc9d4f11333e6aa61b26698f67ec4ec0f4dc009
scip-2352.txt
Posted Jul 9, 2006
Authored by Marc Ruef | Site scip.ch

F5 FirePass 4100 versions below 6.x suffer from multiple cross site scripting flaws.

tags | advisory, xss
SHA-256 | b8e1671c06bb63a5f4b8b4faefaa9d278f2bb592810478e991cc62b98f564d9f
scip-2351.txt
Posted Jul 9, 2006
Authored by Marc Ruef | Site scip.ch

Kyberna AG ky2help is susceptible to SQL injection attacks.

tags | advisory, sql injection
SHA-256 | a4ae8484dfc9590a59f7f8d66850d6562b5266ce06ff4f3e8fe4ee48d57d4415
OpenCMSXSS.txt
Posted Dec 18, 2005
Authored by Marc Ruef | Site scip.ch

Alkacon OpenCMS 6.0.2 suffers from a cross site scripting flaw via the login process.

tags | advisory, xss
SHA-256 | 6712272afe41ebceb4e4a4ae32a1af73ca657bd114e93f3a464146b07e513641
NetGearRP114DoS.txt
Posted Dec 14, 2005
Authored by Marc Ruef | Site scip.ch

Marc Ruef found an old fashioned denial of service flaw in the NetGear RP114 device.

tags | advisory, denial of service
SHA-256 | 167e8da4ecc7e712ceaf1c5d26f4e4a95a24545fe23726e64b3d9b463f6f6364
e107v06Vote.txt
Posted Dec 7, 2005
Authored by Marc Ruef | Site scip.ch

e107 version 0.6 is susceptible to a voting manipulation flaw in rate.php.

tags | advisory, php
SHA-256 | 95e0984c729ea5ba5d733100805fd95305beec52393b661132040af4778c98bb
e107post.txt
Posted Aug 31, 2005
Authored by Marc Ruef | Site computec.ch

e107 version 0.6 has an input validation flaw in forum_post.php that allows attackers the ability to create topics in non-existing forums.

tags | advisory, php
SHA-256 | 54ebb505ef7de3a47c44cc973d59da1fe31893292a35300fb1af1a1046ebe05e
netegrity.txt
Posted Jan 19, 2005
Authored by Marc Ruef | Site computec.ch

The Netegrity SiteMinder smpwservicescgi.exe is susceptible to a remote data inclusion vulnerability that allows for phishing attacks.

tags | exploit, remote
SHA-256 | ba2e8bce8ac6c15f997f1dbeffe9a186f5050292a7ea62b8f9c7ae2dde132eee
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close