exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 34 of 34 RSS Feed

Files from Jon Oberheide

Email addressjon at oberheide.org
First Active2005-03-17
Last Active2024-08-31
Avahi Remote Denial Of Service Exploit
Posted Dec 22, 2008
Authored by Jon Oberheide

Avahi mDNS daemon versions below 0.6.24 remote denial of service exploit.

tags | exploit, remote, denial of service
advisories | CVE-2008-5081
SHA-256 | 21710acf10701ccd19d56410ec9950524c32406536eccbcb87f1aab4060bb059
Download | Favorite | View
Linux Kernel Denial Of Service Exploit
Posted Dec 10, 2008
Authored by Jon Oberheide

Linux kernel versions 2.6.27.8 and below ATMSVC local denial of service exploit.net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2008-5079
SHA-256 | 1ac5511bb7124a05d8d0461db2da89076c5d7276da1e422a0eed18b95223456a
Download | Favorite | View
cosign-vuln-2007-002.txt
Posted Apr 12, 2007
Authored by Jon Oberheide

A remotely exploitable vulnerability has been discovered that allows attackers who are already authenticated via cosign to assume the identity of an arbitrary user on a cosign-protected service. Organizations that run their own central cosign weblogin server should upgrade their weblogin server to cosign 2.0.2a, cosign 1.9.4b, or back-port the patch available at http://weblogin.org/download.html to the version of cosign they are running.

tags | advisory, web, arbitrary
SHA-256 | 9d3384ebd5ec682d699cff4c928f3b744c5e0e5409c6ed578391f6575dfe6c90
Download | Favorite | View
cosign-vuln-2007-001.txt
Posted Apr 12, 2007
Authored by Jon Oberheide

A remotely exploitable vulnerability has been discovered that allows attackers to bypass cosign weblogin server authentication and assume the identity of an arbitrary user on a cosign-protected service. Organizations that run their own central cosign weblogin server should upgrade their weblogin server to cosign 2.0.2a, cosign 1.9.4b, or back-port the patch available at http://weblogin.org/download.html to the version of cosign they are running.

tags | advisory, web, arbitrary
SHA-256 | 2a8d0ff9981290825587f63a0115fe1f88cd7ec7295e11fe261a0bc411f517c9
Download | Favorite | View
libevent-dos.txt
Posted Feb 20, 2007
Authored by Jon Oberheide

A denial of service flaw exists in the parsing of DNS responses in libevent, specifically in the handling of label pointers. Versions 1.2 and 1.2a are affected.

tags | advisory, denial of service
SHA-256 | 40a8b76e6d7840ac57ab547f3c89cb6fd0c7f4d3aff4b6329e75d7ecbdad80a0
Download | Favorite | View
aimject-1.0.tar.gz
Posted Nov 29, 2006
Authored by Jon Oberheide | Site jon.oberheide.org

Aimject facilitates man-in-the-middle attacks against AOL Instant Messenger's OSCAR protocol via a simple GTK interface.

Changes: Build support and instructions for win32, win32 binaries/installers using NSIS, icmp redirection disabling, loads of fixes.
tags | tool, sniffer, protocol
SHA-256 | 48101949b13bb6ba02b0cc6cbe6f9c377d39e802481cf75c631befc73ee96b4c
Download | Favorite | View
aimject-0.8.tar.gz
Posted Oct 21, 2006
Authored by Jon Oberheide | Site jon.oberheide.org

Aimject facilitates man-in-the-middle attacks against AOL Instant Messenger's OSCAR protocol via a simple GTK interface.

Changes: integrated ARP/DNS spoofing, IP forwarding command execution (linux/*bsd), max screenname length bumped to account for extended names, screenname formatting issue fixed to avoid detection during local message injection
tags | tool, sniffer, protocol
SHA-256 | 8975e8f16ac28ee7b9331a2b37d25c54c13dab742ee263dc198ad8e73e93e6bd
Download | Favorite | View
aimject-0.6.tar.gz
Posted Oct 4, 2006
Authored by Jon Oberheide | Site jon.oberheide.org

Aimject facilitates man-in-the-middle attacks against AOL Instant Messenger's OSCAR protocol via a simple GTK interface.

tags | tool, sniffer, protocol
SHA-256 | 5e23f13f4df0e76d70be2e7172cebdbc3306215726fa47e539dcfe6080b57cc0
Download | Favorite | View
phorum5014.txt
Posted Mar 17, 2005
Authored by Jon Oberheide

Phorum versions 5.0.14 and below are susceptible to multiple cross site scripting bugs.

tags | advisory, xss
SHA-256 | 27877b750246ca31ff8d8fb14fd92cf6f6b17f67dd2d3a26b69a7ccc5040b9cc
Download | Favorite | View
Page 2 of 2
Back12Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    113 Files
  • 2
    Sep 2nd
    0 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    0 Files
  • 6
    Sep 6th
    0 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close