Showing 26 - 50 of 72

Files from Sh2kerr

Email address	alexandr.polyakov at dsec.ru
First Active	2007-10-23
Last Active	2011-11-17

HP StorageWork 1/8 G2 Tape Autoloader Privilege Escalation: Posted Jan 11, 2010; Authored by Sh2kerr, Elazar Broad | Site dsecrg.com; HP StorageWorks 1/8 G2 Tape Autoloader suffers from denial of service and privilege escalation vulnerabilities.; tags | exploit, denial of service, vulnerability; advisories | CVE-2009-2680; SHA-256 | 1796e1effd5dcca9f3b5760999cef870ea8e8cc8bf86fbd5442cd59e0b319642; Download | Favorite | View

Oracle 9G / 10G PL/SQL Injection: Posted Oct 26, 2009; Authored by Sh2kerr | Site dsecrg.com; Oracle Database versions 9G and 10G are susceptible to a PL/SQL injection vulnerability in the ctxsys.drvxtabc.create_tables procedure.; tags | advisory, sql injection; advisories | CVE-2009-1991; SHA-256 | 84daa237dd1a6738c1129e914291f5c78d13ae5fea34ce0cf4c5505af298c54a; Download | Favorite | View

SAP GUI VSFlexGrid Active-X Buffer Overflow: Posted Oct 8, 2009; Authored by Sh2kerr, Elazar Broad | Site dsecrg.com; The VSFLEXGrid component of the SAP GUI is susceptible to a buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 04d60f014b9f2a3d08a47e1adb8e4bb8844b3ade41a517d5445b1dd291408bc4; Download | Favorite | View

HP LaserJet Cross Site Scripting: Posted Oct 8, 2009; Authored by Sh2kerr | Site dsecrg.com; Multiple security vulnerabilities have been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerabilities could be exploited remotely by Cross Site Scripting (XSS).; tags | exploit, vulnerability, xss; advisories | CVE-2009-2684; SHA-256 | 032340f6ad00d3fd6574a58ec760211cc4ca9e551c56263295c9d5478714ff05; Download | Favorite | View

EnjoySAP Arbitrary File Overwrite: Posted Sep 29, 2009; Authored by Sh2kerr | Site dsecrg.com; EnjoySAP, SAP GUI for Windows versions 6.4 and 7.1 suffer an arbitrary file overwrite vulnerability.; tags | exploit, arbitrary; systems | windows; SHA-256 | d80fc70342e39f40fb3735be97823441b50b34fc7d0b0c1a27803a784d9a13ef; Download | Favorite | View

Attacking SAP Clients: Posted Sep 3, 2009; Authored by Sh2kerr | Site dsecrg.com; Whitepaper called SAP Security: Attacking SAP Clients.; tags | paper; SHA-256 | 3b5b7a4a9a723fba7a6ae969c5726baab2e6dd3dac776def901de911ca013066; Download | Favorite | View

Adobe JRUN Directory Traversal: Posted Aug 17, 2009; Authored by Sh2kerr | Site dsecrg.com; Adobe JRun Application Server version 4 updater 7 suffers from a directory traversal vulnerability.; tags | exploit; advisories | CVE-2009-1873; SHA-256 | a9bb76b8db1518a8b84fd46fa28ee3a623c046f5c797d18dff2e20ab5500a9ab; Download | Favorite | View

Adobe Coldfusion 8 XSS / XSRF: Posted Aug 17, 2009; Authored by Sh2kerr | Site dsecrg.com; Adobe Coldfusion 8 suffers from cross site scripting and cross site request forgery vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2009-1872; SHA-256 | 49f9ee669e1a069a54b29ec05332edca7f85faad63df7b07cebcd25f400c8e50; Download | Favorite | View

SAP NetWeaver Cross Site Scripting: Posted Aug 13, 2009; Authored by Sh2kerr | Site dsecrg.com; SAP NetWeaver Application Server version 7.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 610f63e221cf5f949da2e1908a76e98d823e3e6ea118b70ae0b3851af53f78bf; Download | Favorite | View

Oracle BEA Weblogic 10 XSS: Posted Jul 17, 2009; Authored by Sh2kerr | Site dsecrg.com; Oracle BEA Weblogic version 10.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 9a650695810614f4973ffb7f573662e9896423657f31d2bd9a505ef52184447a; Download | Favorite | View

Oracle Secure Enterprise Search XSS: Posted Jul 17, 2009; Authored by Sh2kerr | Site dsecrg.com; Oracle Secure Enterprise Search (SES) version 10.1.8.2.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2009-1968; SHA-256 | 94834e7f4609e3dadfba3ea1aae38f276c43166e3d130a1e1273d767615609e3; Download | Favorite | View

SAP GUI For WIndows 6.5 Buffer Overflow: Posted Jun 8, 2009; Authored by Sh2kerr | Site dsecrg.com; SAP GUI for Windows version 6.4 suffers from an Active-X related buffer overflow vulnerability.; tags | exploit, overflow, activex; systems | windows; SHA-256 | a1fcb709bc928d0360ba49ab9f92a7efe244b69912bf57231764e0628c75e7d4; Download | Favorite | View

Whitepaper - OS Access Using IBM Websphere: Posted Apr 11, 2009; Authored by Sh2kerr | Site dsecrg.com; Whitepaper called Penetration from application down to OS - Getting OS access using IBM Websphere Application Server vulnerabilities.; tags | paper, vulnerability; SHA-256 | 8cb559ced52aca50e77a2ca1dd0ff696a7c3c944d422b4b8ac73a095b7c0ed54; Download | Favorite | View

Whitepaper - OS Access Using Oracle Database User: Posted Apr 11, 2009; Authored by Sh2kerr | Site dsecrg.com; Whitepaper called Penetration from application down to OS - Getting OS access using Oracle Database unprivileged user.; tags | paper; SHA-256 | 06a4f468cc6d983c52ce278ac87657eaa93f732c34490b98b2d0f73fc484fd6f; Download | Favorite | View

Oracle 10g SQL Injection: Posted Feb 18, 2009; Authored by Sh2kerr | Site dsecrg.com; This Metasploit module will escalate a Oracle DB user to MDSYS by exploiting a SQL injection bug in the MDSYS.SDO_TOPO_DROP_FTBL trigger. After that, the exploit escalates the user to DBA using "CREATE ANY TRIGGER" privilege given to the MDSYS user by creating an evil trigger in system scheme (2-stage attack).; tags | exploit, sql injection; SHA-256 | 84bfd4cbb0c258c978b6b3a520766d1e250483da872d06460174b4cdb2b222b5; Download | Favorite | View

Oracle Database 11G PL/SQL Injection: Posted Jan 15, 2009; Authored by Sh2kerr | Site dsecrg.com; The Oracle Database 11G is vulnerable to PL/SQL injection in the Extended filter system (EXFSYS).; tags | exploit, sql injection; SHA-256 | d8f09c696a1fbe9bb03f9e672cefbc8041ca3c3faede87b4997085cda65bfa0b; Download | Favorite | View

Oracle BEA Weblogic 10 Cross Site Scripting: Posted Jan 15, 2009; Authored by Sh2kerr | Site dsecrg.com; Oracle BEA Weblogic 10 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | e33d8fb6b1dbf5d7964d1e3e2949d93c632c09eaef88e6b0a3ccfd9734abebb1; Download | Favorite | View

Oracle Application Server Cross Site Scripting: Posted Jan 15, 2009; Authored by Sh2kerr | Site dsecrg.com; The Oracle Application Server (SOA) version 10.1.3.1.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2008-4014; SHA-256 | 71a8b7fa46ff9286352fa3111468631c894065fdb407028c2f0c0d26a954a3cd; Download | Favorite | View

Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit: Posted Jan 7, 2009; Authored by Sh2kerr | Site dsecrg.com; Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL injection exploit that grants DBA access and creates a new user.; tags | exploit, sql injection; SHA-256 | 7b1b3f8b6e6da4321cb611707efc11a5823a38e94127e1305f135839082efcb6; Download | Favorite | View

Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit: Posted Jan 7, 2009; Authored by Sh2kerr | Site dsecrg.com; Oracle 10g SYS.LT.MERGEWORKSPACE SQL injection exploit that grants DBA access and creates a new user.; tags | exploit, sql injection; SHA-256 | b65150ef13b30d9109725e159bd6bdfdf6423220d0ca97792f5eb9706fc36b23; Download | Favorite | View

Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit: Posted Jan 7, 2009; Authored by Sh2kerr | Site dsecrg.com; Oracle 10g SYS.LT.REMOVEWORKSPACE SQL injection exploit that grants DBA access and creates a new user using the advanced extproc method.; tags | exploit, sql injection; SHA-256 | ea61089df359285afd1a484fd49e098b65fabb8415b8d5b2b17a538099bdb2ab; Download | Favorite | View

DSECRG-08-022.txt: Posted Mar 26, 2008; Authored by Sh2kerr | Site dsecrg.com; BolinOS version 4.6.1 suffers from local file inclusion, cross site scripting, and information disclosure vulnerabilities.; tags | exploit, local, vulnerability, xss, file inclusion, info disclosure; SHA-256 | fe2e3c122dc4548fbd36d67e1716906a79ec410b7e3d1a6d1ccf55733557fda5; Download | Favorite | View

DSECRG-08-021.txt: Posted Mar 24, 2008; Authored by Sh2kerr | Site dsecrg.com; PowerPHPBoard version 1.00b suffers from multiple local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, file inclusion; SHA-256 | 94fa9c3a5529e03e73503a17f5d87e7783dda85b1c98827da09482802a3e2cc0; Download | Favorite | View

DSECRG-08-020.txt: Posted Mar 24, 2008; Authored by Sh2kerr | Site dsecrg.com; PowerClan version 1.14a suffers from remote and local file inclusion vulnerabilities.; tags | exploit, remote, local, vulnerability, file inclusion; SHA-256 | 43ffd14f8566404fb9eb7d7740f2ec864af09d81665a8a7ade327f731b7b3126; Download | Favorite | View

DSECRG-08-19.txt: Posted Mar 24, 2008; Authored by Sh2kerr | Site dsecrg.com; PowerBook version 1.21 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; SHA-256 | 89cfbf8afc1e94b92ae4faa6fd527cf19b6cd7ffd7c9dfddef029f3a1369ec55; Download | Favorite | View

Page 2 of 3 Back 1 2 3 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Files from Sh2kerr

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems