what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files from Sebastian Apelt

Email addresswebmaster at buzzworld.org
First Active2005-11-20
Last Active2011-08-19
EMC AutoStart Buffer Overflow
Posted Aug 19, 2011
Authored by Sebastian Apelt | Site emc.com

EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2011-2735
SHA-256 | c6c9c42100d678b45b46b99d67e332a94acb32e5e795399054df43273d774351
iDEFENSE Security Advisory 2008-12-02.4
Posted Dec 5, 2008
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDefense Security Advisory 12.02.08 - Remote exploitation of an integer overflow vulnerability in Sun Microsystems Inc.'s Java JRE could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists within the font parsing code in the JRE. As part of its font API, the JRE provides the ability to load a font from a remote URL. Various types of fonts are supported, one of which is the TrueType format font. The vulnerability occurs when parsing various structures in TrueType font files. During parsing, values are taken from the file, and without being properly validated, used in operations that calculate the number of bytes to allocate for heap buffers. The calculations can overflow, resulting in a potentially exploitable heap overflow. iDefense has confirmed the existence of this vulnerability in Sun Microsystem Inc.'s Java JRE version 1.6.0_05 for Windows. Previous versions may also be affected.

tags | advisory, java, remote, overflow, arbitrary
systems | windows
SHA-256 | f6138bd9306284a73b3be3d7781e778c2de99c2305f7e7bac167538fec90f7e1
iDEFENSE Security Advisory 2008-10-29.1
Posted Oct 31, 2008
Authored by iDefense Labs, Sebastian Apelt, Code Audit Labs | Site idefense.com

iDefense Security Advisory 10.29.08 - Remote exploitation of multiple integer overflow vulnerabilities in OpenOffice versions 2.4.1 and earlier could allow an attacker to execute arbitrary code with the privileges of the current user. Integer overflow issues exist within the code responsible for parsing multiple EMR records within an EMF file. This allows an attacker to overflow heap memory with data they supplied. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.4.1.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2008-2238
SHA-256 | fdb454b37d786a9ada30ce36452df4141a400dde4634b766ff1948e16de69370
Zero Day Initiative Advisory 08-041
Posted Jul 10, 2008
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, bound by default to TCP port 524. Flawed arithmetic applied to a user-supplied value results in an integer overflow and subsequently a complete stack smash allowing an attacker to execute arbitrary code via SEH redirection.

tags | advisory, remote, overflow, arbitrary, tcp
SHA-256 | b8fab3a9c1fe5bdfe8b5490324976c46300330796237327dfa591f6ec5ca1bcb
Zero Day Initiative Advisory 08-039
Posted Jun 11, 2008
Authored by Peter Vreugdenhil, Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the substringData() method when called on a DOM object that has been manipulated in a special way. The attack results in an exploitable heap buffer allowing for code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2008-1442
SHA-256 | 199a27adda6f9b915cf6856311e07418574bbd6af52f57dd0a8956c4404ef6a1
CAID-scmgw.txt
Posted Jun 5, 2008
Authored by Sebastian Apelt, Cody Pierce | Site www3.ca.com

CA Secure Content Manager contains multiple vulnerabilities in the HTTP Gateway service that can allow a remote attacker to cause a denial of service condition or execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
SHA-256 | 47555d68b8e92edea082d71fedeb7d325edf58e7a50e1aaa6b62fd587d4992bb
Zero Day Initiative Advisory 08-036
Posted Jun 5, 2008
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. When issuing a request for a FTP service the process tries to decorate the contents of the transaction. In this particular case by specifying a overly long response to a LIST command a stack buffer can be overflowed. Successful exploitation can lead to complete system compromise under the SYSTEM context.

tags | advisory, web, overflow, arbitrary
advisories | CVE-2008-2541
SHA-256 | 21e34cfd4839c547032ac5c2ccba71e32a4eaf4e2b2c53ce492ba25976122967
iDEFENSE Security Advisory 2008-02-12.5
Posted Feb 13, 2008
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDefense Security Advisory 02.12.08 - Remote exploitation of multiple integer overflow vulnerabilities in Adobe Systems Inc.'s Flash Media Server 2 could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities in Flash Media Server 2 version 2.0.4 on Windows. Previous versions, as well as the Linux version, may also be affected.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, windows
advisories | CVE-2007-6149
SHA-256 | 2e64e8df4dc7951f44406cdbed0622875b0af4ae13a8f0ace23f48943e8de520
Zero Day Initiative Advisory 08-01
Posted Jan 14, 2008
Authored by Tipping Point, Sebastian Apelt, Tenable Network Security | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Express. Authentication is not required to exploit this vulnerability. The specific flaw resides in the TSM Express Backup Server service, dsmsvc.exe, which listens by default on TCP port 1500. The process trusts a user-supplied length value. By supplying a large number, an attacker can overflow a static heap buffer leading to arbitrary code execution in the context of the SYSTEM user. Tivoli Storage Manager Express version 5.3 is affected.

tags | advisory, overflow, arbitrary, tcp, code execution
advisories | CVE-2008-0247
SHA-256 | d3505a1cd6fd799ea1c25183890de56f606ba71453077a7b318259b08b71a0a0
Zero Day Initiative Advisory 07-054
Posted Sep 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Express. Authentication is not required to exploit this vulnerability. The specific flaw exists in the dsmcad.exe process bound by default on TCP port 1581. During HTTP header parsing, a host parameter of sufficient length will trigger an overflow through a call to vswprintf(). The call overflows into imported function pointers which are later called. Exploitation of this issue can result in arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, tcp, code execution
advisories | CVE-2007-4880
SHA-256 | 41dc7af910d285e035e2db4b24819dddbe485c420937ecb6759edbce15736510
Zero Day Initiative Advisory 07-051
Posted Sep 9, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Server Protect. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine TMregChange() exported by TMReg.dll which is reachable through the custom protocol subcode "\x15\x00\x00\x00". The TCP socket bound to port 5005 receives user-supplied data which is copied without proper bounds checking to a stack-based buffer. Thereby resulting in an exploitable condition.

tags | advisory, remote, arbitrary, tcp, protocol
advisories | CVE-2007-4731
SHA-256 | a7262a963930d57504f98d7fcf0255177975b66c3efc6c0afbf9fb628615c4ff
iDEFENSE Security Advisory 2007-07-24.2
Posted Jul 25, 2007
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDefense Security Advisory 07.24.07 - Remote exploitation of a design error vulnerability in Computer Associates International Inc.'s (CA) eTrust Intrusion Detection allows attackers to execute arbitrary code. iDefense has confirmed that CA eTrust Intrusion Detection version 3.0.5 on Windows is vulnerable. The file version of caller.dll tested was 3.0.5.55.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2007-3302
SHA-256 | dd433f38cbabc80db9006ffd84b9047b05a53fde7911950b55cdcb6f78112bb8
Zero Day Initiative Advisory 07-043
Posted Jul 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs.

tags | advisory, overflow, arbitrary, tcp, imap
advisories | CVE-2007-2795
SHA-256 | 8279df9e3f6628e382b2c7a5a6be9506ada270ff36959ade2e745ffecec11bc0
Zero Day Initiative Advisory 07-042
Posted Jul 25, 2007
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition.

tags | advisory, arbitrary
advisories | CVE-2007-2795
SHA-256 | 593b634096faa8f05ad818060f65a33e6146a050e4d9a804b7f9cba05849a6d2
Zero Day Initiative Advisory 06-06
Posted Apr 1, 2006
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

ZDI-06-006: A buffer overflow exists in the Symantec VERITAS NetBackup Database Manager. Version 6.0 is affected.

tags | advisory, overflow
SHA-256 | 3ee80a9ae01e2332c684f620224e12f3b480e4050910a21ee5244747047484ba
Zero Day Initiative Advisory 06-05
Posted Apr 1, 2006
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

ZDI-06-005: A buffer overflow exists in the Symantec VERITAS Volume Manager. Version 6.0 is affected.

tags | advisory, overflow
SHA-256 | 8045b164de5ac478c3478881b5766a46f7f5e995c71a48f91d4b1b1c3423b0dc
iDEFENSE Security Advisory 2006-02-10.t
Posted Feb 13, 2006
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDEFENSE Security Advisory 02.10.06 - Remote exploitation of a denial of service vulnerability in IBM Corp.'s Lotus Domino LDAP server allows attackers to crash the service, thereby preventing legitimate access. iDEFENSE is currently unaware of exploits for this vulnerability other than those maintained by iDEFENSE Labs. iDEFENSE has confirmed the existence of this vulnerability in Lotus Domino Server version 6.5.4. It is suspected that earlier versions of Lotus Domino Server are also affected.

tags | advisory, remote, denial of service
advisories | CVE-2005-2712
SHA-256 | c45653cf3886d3f477b01cb3a76974e40c800c7765026772b1b9d2302717805f
iDEFENSE Security Advisory 2005-12-06.2
Posted Dec 9, 2005
Authored by iDefense Labs, Sebastian Apelt | Site idefense.com

iDEFENSE Security Advisory 12.06.05 - Remote exploitation of a denial of service (DoS) vulnerability in Ipswitch Inc.'s Imail IMAP server allows attackers to crash the target service, thereby preventing legitimate use. The problem specifically exists in handling long arguments to the LIST command. When a LIST command of approximately 8000 bytes is supplied, internal string parsing routines can be manipulated in such a way as to reference non-allocated sections of memory. This parsing error results in an unhandled access violation, forcing the daemon to exit. iDEFENSE has confirmed the existence of this vulnerability in Ipswitch IMail 8.2.

tags | advisory, remote, denial of service, imap
advisories | CVE-2005-2923
SHA-256 | e5d1bd2f932ad64040c064cb10b1600cfc02038904b8a0fd03bccc78a73df522
Zero Day Initiative Advisory 05-03
Posted Nov 20, 2005
Authored by Tipping Point, Sebastian Apelt | Site zerodayinitiative.com

ZDI-05-003: Novell Netmail IMAPD suffers from buffer overflows. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netmail. Authentication is required to exploit this vulnerability. Affected Products: Novell Netmail 3.5.2.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-3314
SHA-256 | a6c8579fcaac421e0684e535024d5416f00bfb87093bdcb05e5735e03d9dc6c9
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close