exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files from Martin O'Neal

Email addressmartin.oneal at corsaire.com
First Active2003-03-29
Last Active2008-01-08
corsaire-jre.txt
Posted Jan 8, 2008
Authored by Martin O'Neal | Site corsaire.com

Corsaire Security Advisory - The Sun JRE product has a denial of service issue that may cause Internet Explorer to fail. Versions 5.0 prior to update 14 are affected.

tags | advisory, denial of service
advisories | CVE-2007-0012
SHA-256 | 16cb9b32ed76820b79ddb5155fcf3b33df66267c05af0ea1421bb733c1515110
corsaire-citrix.txt
Posted Oct 23, 2007
Authored by Martin O'Neal

The Citrix Access Gateway product suffers from a flaw that allows an attacker to gain access to an authenticated user's session ID.

tags | advisory
advisories | CVE-2007-0011
SHA-256 | 01037c80d3fc5f9b8cef26ca90fb92ab47bbd0fb82f264f1211453f55312eb38
Corsaire Security Advisory 2004-11-23.2
Posted Aug 17, 2005
Authored by Martin O'Neal, Corsaire

Corsaire Security Advisory - The aim of this document is to clearly define a vulnerability in the HP Ignite-UX product, as supplied by HP Inc., that would allow unauthenticated write access to the host filesystem, both remotely and locally.

tags | advisory
advisories | CVE-2004-0952
SHA-256 | bd7fc27a50d40ede02ba72bc8f8469bd365c3aa828f2f6c856f3e5b6b6c4fa87
Corsaire Security Advisory 2004-11-23.1
Posted Aug 17, 2005
Authored by Martin O'Neal, Corsaire

Corsaire Security Advisory - The aim of this document is to clearly define a vulnerability in the HP Ignite-UX product, as supplied by HP Inc., that would allow unauthenticated access to a copy of the /etc/passwd file.

tags | advisory
advisories | CVE-2004-0951
SHA-256 | 795d1dc86a63b7e0c62cc4672e2505d6773a262bd53570e6651222f8b8c385cf
Corsaire Security Advisory 2005-05-03.1
Posted Jul 28, 2005
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - The SAP Internet Graphics Server versions below 6.40 Patch 11 are susceptible to a directory traversal attack.

tags | exploit
advisories | CVE-2005-1691
SHA-256 | bc1bf9061a5b291ddad02fbb0d9b84f70b54b11e4937e46f27f17ae2e47c5288
Corsaire Security Advisory 2004-06-19.1
Posted Nov 20, 2004
Authored by Martin O'Neal, Corsaire | Site penetration-testing.com

Corsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2004-0950
SHA-256 | 42db080f94b4a9d2053f5f711e043ba751541dcd77b4eb01d14059438cd13bce
Corsaire Security Advisory 2003-08-04.9
Posted Sep 15, 2004
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - By using malformed MIME encapsulation techniques centered on the presence of fields containing an RFC822 comment, embedded file attachment blocking functionality can be evaded.

tags | advisory
advisories | CVE-2004-0162
SHA-256 | 74251de47904aae76e4bffb4f916da01cf56d98e7b1ed49b5e0f83010829c5b5
Corsaire Security Advisory 2003-08-04.6
Posted Sep 15, 2004
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - By using malformed MIME encapsulation techniques centered on the presence of non-standard separators, embedded file attachment blocking functionality can be evaded.

tags | advisory
advisories | CVE-2004-0052
SHA-256 | 66ff35c775b45519831713986c8df93cd3e7b62b318c9ec3b8e112458a53ce8e
Corsaire Security Advisory 2003-08-04.5
Posted Sep 15, 2004
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - By using MIME encapsulation techniques centered on both standard and non-standard Content-Transfer-Encoding mechanisms, embedded file attachment blocking functionality can be evaded.

tags | advisory
advisories | CVE-2004-0051
SHA-256 | 35436f55f94abd49272c41efd63997ec83f2d27a43061abf56462b465653327b
Corsaire Security Advisory 2003-08-04.2
Posted Sep 15, 2004
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - There are a number of content security gateway and anti-virus products available that provide policy based security functionality. Part of this functionality allows the products to block embedded file attachments based on their specific content type, such as executables or those containing viruses. However, by using malformed MIME encapsulation techniques centered on the presence of multiple occurrences of fields, this functionality can be evaded.

tags | advisory, virus
advisories | CVE-2003-1014
SHA-256 | 861f18b0357c439502c07a12285b7d20b18584f5ea50adaee7fcfa7ffc20f5c2
Corsaire Security Advisory 2003-08-07.1
Posted Aug 14, 2004
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - Clearswift MAILsweeper versions prior to 4.3.15 do not detect a number of common compression formats, for which it is listed as compatible, and in certain circumstances also fails to identify the name of file attachments when they are encoded.

tags | advisory
advisories | CVE-2003-0928, CVE-2003-0929, CVE-2003-0930
SHA-256 | 3f047f592c34f90980051f2bc93509140eefe357ea985ae9b8430829c523dfa8
Corsaire Security Advisory 2003-11-20.3
Posted Aug 11, 2004
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - Sygate Enforcer releases prior to 3.5MR1 allow unauthenticated broadcast traffic to pass through.

tags | advisory
advisories | CVE-2004-0593
SHA-256 | 21d9a16475777b2c30bcd941e5e7faebe82c5cfe876f2a8709cdc45163e95f60
Corsaire Security Advisory 2003-11-20.2
Posted Aug 11, 2004
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - Sygate Secure Enterprise versions prior to 3.5MR3 are susceptible to a replay attack that allows for resource exhaustion.

tags | advisory
advisories | CVE-2004-0163
SHA-256 | 9518fde350500d8f1f17561d136500ea61cea2c37c0fb9f6ff05042d4ef28006
Corsaire Security Advisory 2003-11-20.1
Posted Aug 11, 2004
Authored by Martin O'Neal, Corsaire | Site corsaire.com

Corsaire Security Advisory - Sygate Enforcer 4.0 and prior releases are susceptible to a denial of service attack via malformed discovery packets.

tags | advisory, denial of service
advisories | CVE-2003-0931
SHA-256 | c0ffd3b2d0fc4b2f508557dda3a080b8daea38175bc4d73cf4d1a38f69678dee
CookiePathBestPractice.pdf
Posted May 20, 2004
Authored by Martin O'Neal | Site corsaire.com

Corsaire White Paper: Cookie Path Best Practice. A brief document discussing how and why a cookie path should be strictly defined.

tags | paper, web
SHA-256 | c30fa2410156b0fdf005bdaacdb6fc9efd561e2ce36194f3f8f20250a403b84a
verity.txt
Posted May 7, 2004
Authored by Martin O'Neal

Verity Ultraseek versions 5.2.1 and below suffer from a path disclosure vulnerability.

tags | advisory
advisories | CVE-2004-0050
SHA-256 | 7d453bcafb1e5f1d30de0877909326e0a78a7f4796780b0c8aa184c41961b2cd
peoplesoftCGI.txt
Posted Nov 14, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The PeopleSoft PeopleBooks Search CGI is susceptible to argument handling vulnerabilities that allow a remote attacker to gain access to files outside of the webroot.

tags | advisory, remote, cgi, vulnerability
SHA-256 | 54bdecc65f1cc150934bc3dc63cf2ef28eea6cf37d5cea1c26b8bb166ac96381
peoplesoftXSS.txt
Posted Nov 14, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The PeopleSoft IScript interface accepts a number of arguments via HTTP POST/GET calls. Using a carefully constructed URL, Java code can be executed in a users context.

tags | advisory, java, web
SHA-256 | 49c7d7dac2df8685c1ffa08b0ea2b20a702114b5f2b917806113e242380c3f43
peoplesoftServlet.txt
Posted Nov 14, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The PeopleSoft Gateway Administration utility has a servlet that discloses its full path to the configuration files on the server when improper values are passed to it.

tags | advisory
SHA-256 | 08f4265e6b6df73f2a516dc2004f39b7a6a8b4a9721fbac7e78d54b11bea003a
SymantecFW.txt
Posted Mar 29, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The Symantec Enterprise Firewall (SEF) 7.0 allows URLs to be blocked based on predefined regular expression patterns. Utilizing URL encoding techniques this functionality can be evaded.

tags | advisory
SHA-256 | 88ab8f83030a662c57788624994d6f9339a65e39faa21fe5b363fa5e8832223d
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close