exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 124 RSS Feed

Files from Kevin Finisterre

Email addresskf at digitalmunition.com
First Active2000-08-29
Last Active2011-05-03
HijackHeadSet.txt
Posted Sep 24, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

Small write up entitled "Hijacking Bluetooth Headsets for Fun and Profit".

tags | paper
SHA-256 | 77323c05bbb2580095063a300d007938e1bc5d61ac068734b800ab7a87e42caf
DMA-2005-0826a.txt
Posted Aug 28, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

The Nokia Affix Bluetooth btsrv makes poor use of a popen() that in turn allows for privileged code execution as root.

tags | exploit, root, code execution
SHA-256 | cc94edfe1b5429594863603c23d573003e4beca70953ed64e8954d0aeb65b705
DMA-2005-0818a.txt
Posted Aug 24, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

dsidentity on Apple OS X 10.4 allows any user on the system to add accounts to Directory Services.

tags | advisory
systems | apple, osx
advisories | CVE-2005-2508
SHA-256 | 9a589fe2fcf5a4e2c8797a0b1bd8fe9ec95ad4366d0ccffadf8656195041becd
BluezHCIDpwned.txt
Posted Aug 18, 2005
Authored by Kevin Finisterre

Document that outlines an exploitable scenario for hcid using the popen() bug in security.c. This was written in response to a claim that the bluez vulnerability was quite trivial.

tags | paper
SHA-256 | ba3ca0b2cbb2323bf730283ba3e93983b93c16bf657c4a78442e1241f594c2e5
TheftOfLinkKey.txt
Posted Aug 12, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

Paper entitled "Theft of Bluetooth Link Keys for Fun and Profit?"

tags | paper
SHA-256 | bab28a93e6d06017dbea2c25b0edf71991910355debb06e00d302cbb1a006e04
DMA-2005-0502a.txt
Posted Aug 6, 2005
Authored by Kevin Finisterre

Apple OSX suffers from multiple bluetooth vulnerabilities.

tags | advisory, vulnerability
systems | apple
SHA-256 | 1f2d239e36a2a11e6998d72399a7c9b0cdc8dcabb42c9fdd577e9c7bfc8b8182
DMA-2005-0712b.txt
Posted Jul 13, 2005
Authored by Kevin Finisterre

Nokia Affix Bluetooth btsrv/btobex makes poor use of system() allowing for remote command execution as root.

tags | exploit, remote, root
SHA-256 | 43a7a7e9ccef6513cee8d509624d337031032bd9abeef5a58831ab2c8a4e6ce6
btftp.txt
Posted Jul 7, 2005
Authored by Kevin Finisterre

Nokia Affix btftp remote client exploit that affect versions below 3.2.0.

tags | exploit, remote
SHA-256 | 4777fa13b8ddade7061084db8c5d1d768933891c69aa232e4eab34ab153cc7a3
DMA-2005-0614a.txt
Posted Jun 21, 2005
Authored by Kevin Finisterre

The Global Hauri ViRobot 2.0 server suffers from a cookie related overflow.

tags | advisory, overflow
SHA-256 | aae4fbf083312fd8cc842727b9168f931208ac628c9d8dfcd7103910ac1d0ddd
virobot_ex.pl
Posted Jun 21, 2005
Authored by Kevin Finisterre

ViRobot UNIX/Linux Server web user interface remote root exploit which takes advantage of the setuid addschup cgi. Adds a root user to the system.

tags | exploit, remote, web, cgi, root
systems | linux, unix
SHA-256 | 38923116589cf99dabcb2c13b224ec765e5f73330ad56759aa1b2a940d2964e6
Bluetooth_dot_dot.txt
Posted Jun 17, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

Update on dot dot attacks against Bluetooth devices. Obex FTP and Widcomm software is affected, and some preauthentication vulnerabilities exist. Includes an example of an attack against an HP Ipaq 2215.

tags | tool, vulnerability, wireless
SHA-256 | bf9c1a840f9fb853562f36de5d4a9f7deaaaf16005d5059078eadcf9328a86ed
arpusCE.pl
Posted May 27, 2005
Authored by Kevin Finisterre

ARPUS ce local overflow exploit that achieves root privileges. Written in perl.

tags | exploit, overflow, local, root, perl
SHA-256 | 260e630fb48e1db956cd243683bf12924c230fb545f13b695a53ae42f7d218f3
arpusCE.c
Posted May 27, 2005
Authored by Kevin Finisterre

ARPUS ce local file overwrite exploit that makes use of a faulty exported DISPLAY.

tags | exploit, local
SHA-256 | 6c556d52af331b5689f3b522fc4e9ad0d6b2c1e740bbad48889ecfa99588bdee
ESRI9x.c
Posted May 27, 2005
Authored by Kevin Finisterre, John H.

ESRI 9.x Arcgis local root format string exploit. Tested on Solaris 10.

tags | exploit, local, root
systems | solaris
SHA-256 | d9b38e1d91584eb0bedbb171e5ed5696dc350abfafe5d6ce083db8b3fa2165fd
DMA_2005-0423a_.txt
Posted May 7, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

Nokia Affix Bluetooth Integer Underflow. Affix is a Bluetooth Protocol Stack for Linux that was developed by the Nokia Research Center, and implements Bluetooth protocols. This may lead to a local root compromise.

tags | advisory, local, root, protocol
systems | linux
SHA-256 | 0b3e9bf80b6a9d1c3d8e5193b6e58cdca58f84d5a3afe253d5f89b22b04f820d
DMA_2005-0412a_.txt
Posted Apr 20, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

WIDCOMM Bluetooth Connectivity Software is vulnerable to a directory traversal exploit.

tags | advisory
advisories | CVE-2004-0775
SHA-256 | 26922982be2e110326b1f4ab84e34eb26baddab981f457133c2df971e2f2f145
DMA-2005-0401a.txt
Posted Apr 14, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

IVT BlueSoleil is susceptible to a directory traversal attack.

tags | advisory
SHA-256 | 1e1d9af91bbd709b568392437d8a9b78522723c305f5bb8e88a5815032459e35
luxman_ex2.pl
Posted Mar 17, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

LuxMan 0.41-19.1 local root exploit that makes use of a buffer overflow.

tags | exploit, overflow, local, root
advisories | CVE-2005-0385
SHA-256 | 7b01e49311df22b1e782ddfdbb2ef21a26bd6b3b31f09ee7f544b869544f4e19
DMA-2005-0310a.txt
Posted Mar 17, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

LuxMan 0.41-19.1 is susceptible to local root compromise via a buffer overflow.

tags | advisory, overflow, local, root
advisories | CVE-2005-0385
SHA-256 | 4ac2d3648cc96facc8f7e2051679d05fbc68b8bf148e46c72e5beaa33cdf2030
ex_perl2b.c
Posted Feb 22, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

Local root exploit for the PerlIO package that makes use of a buffer overflow in PERLIO_DEBUG.

tags | exploit, overflow, local, root
advisories | CVE-2005-0156
SHA-256 | 9d0552984b75d1eee91c3d55047ad2d3a217517c70c32a822a80f3f6ad4a4f98
DMA-2005-0131b.txt
Posted Feb 22, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

The PerlIO package for Perl 5.8.0 suffers from a flaw where PERLIO_DEBUG is susceptible to a buffer overflow that allows for local root compromise when using setuid perl.

tags | advisory, overflow, local, root, perl
advisories | CVE-2005-0156
SHA-256 | 5e2549b861e8546d6c9a0b6ec2aca70aad65786d7da42bf5b87389a324a0c5d0
ex_perl.c
Posted Feb 22, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

Local root exploit for the PerlIO package that makes use of a flaw where manipulation of the filename set in PERLIO_DEBUG allows for local root compromise when using setuid perl.

tags | exploit, local, root, perl
advisories | CVE-2005-0155
SHA-256 | 37c8e812ac9515d45c3ee54cc72ae33c4155953042f46623108ce7b9ced75a3c
DMA-2005-0131a.txt
Posted Feb 22, 2005
Authored by Kevin Finisterre | Site digitalmunition.com

The PerlIO package for Perl 5.8.0 suffers from a flaw where manipulation of the filename set in PERLIO_DEBUG allows for local root compromise when using setuid perl.

tags | advisory, local, root, perl
advisories | CVE-2005-0155
SHA-256 | fc3d56a58c6c7d2ae08bf3106a893f605a2d8ba788499383f222dd779ac04d0f
DMA-2005-0127a.txt
Posted Jan 28, 2005
Authored by Kevin Finisterre

Apple's OS X batch family of commands make poor use of setuid capabilities allowing for privilege escalation.

tags | exploit
systems | apple, osx
advisories | CVE-2005-0125
SHA-256 | 4b7f8222d4d52c294fcfe9d3930da745c276ff2c756307556f0b7f809f135083
ex_gpsd.c
Posted Jan 27, 2005
Authored by Kevin Finisterre, John H. | Site digitalmunition.com

Remote format string exploit for Berlios gpsd, a remake of pygps. On Debian, it achieves uid of gpsd. On Redhat, it achieves root.

tags | exploit, remote, root
systems | linux, redhat, debian
SHA-256 | 9cf987a3eb342c6394cc4295306f491839c95483078d7f507c259c3482d304c3
Page 4 of 5
Back12345Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close