what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 42 of 42 RSS Feed

Files from Sandro Gauci

Email addresssandro at sipvicious.org
First Active2007-08-01
Last Active2023-12-26
Asterisk 14.4.0 Skinny Denial Of Service
Posted May 22, 2017
Authored by Sandro Gauci, Alfred Farrugia

Asterisk version 14.4.0 with chan_skinny enabled suffers from a memory exhaustion vulnerability that can lead to a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | f873e04bcb0eecc9597ab97c172b350143d8b4bc7a90a33fabc8192c71a4c519
Asterisk 14.4.0 PJSIP 2.6 Denial Of Service
Posted May 22, 2017
Authored by Sandro Gauci, Alfred Farrugia

Asterisk version 14.4.0 running chan_pjsip with PJSIP version 2.6 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 26735dd3956e23cd86d3bfd7f09cf45b7e07e2f91f84b5f91c48da4e3976b767
Asterisk 14.4.0 PJSIP 2.6 Heap Overflow
Posted May 22, 2017
Authored by Sandro Gauci, Alfred Farrugia

Asterisk version 14.4.0 with PJSIP version 2.6 suffers from a heap overflow vulnerability in CSEQ header parsing.

tags | exploit, overflow
SHA-256 | 96d2411683190b99bf76dad788720f5b886c567643bf4124f892badaecf39a31
Asterisk Project Security Advisory - AST-2017-004
Posted May 20, 2017
Authored by Sandro Gauci, George Joseph | Site asterisk.org

Asterisk Project Security Advisory - A remote memory exhaustion can be triggered by sending an SCCP packet to Asterisk system with chan_skinny enabled that is larger than the length of the SCCP header but smaller than the packet length specified in the header. The loop that reads the rest of the packet does not detect that the call to read() returned end-of-file before the expected number of bytes and continues infinitely. The partial data message logging in that tight loop causes Asterisk to exhaust all available memory.

tags | advisory, remote
SHA-256 | 8d5f47cf0e67ce5864a2b2a4177e62f386b1d90a8d45c93551e617023efa518c
Asterisk Project Security Advisory - AST-2017-003
Posted May 20, 2017
Authored by Sandro Gauci, Mark Michelson | Site asterisk.org

Asterisk Project Security Advisory - The multi-part body parser in PJSIP contains a logical error that can make certain multi-part body parts attempt to read memory from outside the allowed boundaries. A specially-crafted packet can trigger these invalid reads and potentially induce a crash.

tags | advisory
SHA-256 | dffc64dd4e5928c9a21df82604d70762c92068e2145f6bc7293d2eb080f35bbc
Asterisk Project Security Advisory - AST-2017-002
Posted May 20, 2017
Authored by Sandro Gauci, Mark Michelson | Site asterisk.org

Asterisk Project Security Advisory - A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By overrunning the buffer, the memory allocation table becomes corrupted, leading to an eventual crash.

tags | advisory, remote, overflow
SHA-256 | 60ef218a0c056d6aec0776e903fa217b0958d9a103decc2e014f49f5d98412d9
Liferay 6.2.3 CE GA4 OpenID XXE Injection
Posted Jun 2, 2016
Authored by Sandro Gauci

Liferay supports OpenID login which was found to make use of a version of openid4java that is vulnerable to XML External Entity (XXE) attacks. Liferay versions 6.2.3 CE GA4 and earlier are affected.

tags | exploit, xxe
SHA-256 | 4af9bc5284a2717eed36c719d395c99e7caa71650223cbe9e5ba3e327bfa0e63
Cisco CUCM Directory Traversal / Reversible Obfuscation
Posted Nov 8, 2011
Authored by FX, Sandro Gauci | Site recurity-labs.com

Cisco CUCM environment and the IP Phone CP-7975G suffer from a directory traversal, have a reversible obfuscation algorithm, security issues related to SCCP, CTFTP, and Voice VLAN separation. Versions 7.0 and 8.0(2) are affected.

tags | exploit, file inclusion
systems | cisco
SHA-256 | 17aa1f350cac49473ed6962ed0fc3ece5a0474aa8fa99f6df2c4f4751b652bc7
SIPVicious Tool Suite 0.2.6
Posted Jun 23, 2010
Authored by Sandro Gauci | Site sipvicious.org

SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

Changes: Various bug fixes and a new tool called svcrash.py.
tags | telephony, python
SHA-256 | 1e25862cc9e81979e0d66e5fb298c8cfd17279e7dd683b1dd841dcf1dbc29cc8
Applicure dotDefender 4.0 Cross Site Scripting
Posted Jun 2, 2010
Authored by Sandro Gauci

Applicure dotDefender version 4.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fefe2bf6cf86f61cea6eacfb51cf2668b0a3a88f1daf4ee354942b14753dbcd3
sipvicious-0.2.4.tar.gz
Posted Aug 13, 2008
Authored by Sandro Gauci | Site sipvicious.org

SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

Changes: The wardialer has had some improvements made. Various bug fixes. Multiple features added including fingerprinting support for svmap. Included fphelper.py and 3 databases used for fingerprinting.
tags | telephony, python
SHA-256 | 925c5e20334b59f8b4dfa8b74af93cca91bb177f7927dc064b5c0b0eea42524b
surfjack-0.1b.zip
Posted Aug 13, 2008
Authored by Sandro Gauci | Site enablesecurity.com

surfjack is a tool that allows you to hijack HTTP connection to steal cookies.

tags | web
SHA-256 | 65a1c73679412a460412df6144fbf8de78ac5c5048437c0211b5eee605f5abbd
the-extended-html-form-attack-revisited.pdf
Posted Jun 18, 2008
Authored by Sandro Gauci | Site enablesecurity.com

Whitepaper from 2002 that has been updated regarding the abuse of non-HTTP protocols to launch cross site scripting attacks.

tags | paper, web, protocol, xss
SHA-256 | 8afda6a71fc82e75746054b311cdece0c4c6f3bf4d75964f8cec22dd09f4c8b7
sipvicious-0.2.3.tar.gz
Posted Jun 4, 2008
Authored by Sandro Gauci | Site sipvicious.org

SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

Changes: Multiple features added including fingerprinting support for svmap. Included fphelper.py and 3 databases used for fingerprinting.
tags | telephony, python
SHA-256 | 7a884728d0b0449539ae468744f04de9386aceef921b10b79cfdbcac2701d9ff
sipvicious-0.2.1.tar.gz
Posted Nov 7, 2007
Authored by Sandro Gauci | Site sipvicious.org

SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

Changes: Session state is now saved and svmap supports sending INVITE to particular extensions. The rest are mostly bug fixes and stability.
tags | telephony, python
SHA-256 | 44b8f1330394d7ee5c5a5ce92f71f1909241c1b2caa71c754c83930bc18bd737
sipvicious-0.2.tar.gz
Posted Oct 10, 2007
Authored by Sandro Gauci | Site sipvicious.org

SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

Changes: Multiple features have been added and tweaked.
tags | telephony, python
SHA-256 | b4ce7d3390a65075e49977aa14755b3028fc45bc726cd7eaafb4a1d36f7bc67f
sipvicious-0.1.tar.gz
Posted Aug 1, 2007
Authored by Sandro Gauci | Site sipvicious.org

SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

tags | telephony, python
SHA-256 | a8491392edc35e99527bf80f43cfd8cc88e44cdfee6d97c95421c9bd5999b6b2
Page 2 of 2
Back12Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    38 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close