what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files

SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference
Posted Oct 31, 2012
Authored by Lucas Apa | Site ioactive.com

IOActive Security Advisory - A vulnerability exists within AscoServer.exe of SIEMENS SiPass during the handling of RPC messages over the ethernet bus. Insufficient sanity checking allows remote and unauthenticated attackers to corrupt a heap-allocated structure and then dereference an arbitrary pointer. This flaw allows remote attackers to execute arbitrary code on the target system, under the context of the SYSTEM account, where the vulnerable versions of SIEMENS SiPass Integrated are installed. More advanced payloads could modify the behavior of the application’s internal controllers to unlock doors, control specific hardware, or expose businesses to other security risks. SIEMENS SiPass Integrated versions MP2.6 and earlier are affected.

tags | advisory, remote, arbitrary
SHA-256 | 6c360fd7a497194cefa22ee03fee415561bb9f756de284b4f7fa3b2eae5e5953

Related Files

DASDEC Root SSH Key
Posted Jul 9, 2013
Authored by Mike Davis | Site ioactive.com

IOActive Security Advisory - DASDEC-I and DASDEC-II from Digital Alert Systems (DAS), which are used in the Emergency Alert System, have an embedded root ssh key that enables an attacker to transmit false emergency information over a large geographic area.

tags | exploit, root
SHA-256 | b32108bd2c0d9441bb1f18cfa9a0bc8a321063c45c679b287a55fffbc1d67034
Mandriva Linux Security Advisory 2009-198
Posted Aug 11, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-198 - Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open() on an invalid URL which looks similar to a legitimate URL and then use document.write() to place content within the new document, appearing to have come from the spoofed location. Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run arbitrary code by presenting a specially crafted certificate to the client. IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.

tags | advisory, overflow, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-2654, CVE-2009-2404, CVE-2009-2408
SHA-256 | 75f839274f8e82729d0a4c1aca579dbfb860f6c2f1f69f8353c4f57860a78bd7
ioactive-python.txt
Posted Apr 11, 2008
Site ioactive.com

PyString_FromStringAndSize() incorrectly validates input in Python version 2.5.2. Earlier versions may also be vulnerable.

tags | advisory, python
SHA-256 | acdffd19a5b36cf9a44eb0ee3ce3dda152701c5d20c417990d3d9dd1d9b1ff11
ioactive-zlib.txt
Posted Apr 10, 2008
Site ioactive.com

The zlib extension module in Python version 2.5.2 contains a method for flushing decompression streams that takes an input parameter of how much data to flush. This parameter is a signed integer that is not verified for sanity and is thus potentially negative. When passed a negative value memory is misallocated and then the signed integer is converted to an unsigned integer resulting in buffer overflow.

tags | advisory, overflow, python
SHA-256 | c3a0dd34a8717e04bba206262904ef9f4e4455f57c9ce9a73f69101d7914ff88
ioactive-sitescope.txt
Posted Feb 12, 2008
Site ioactive.com

IOActive Security Advisory - IOActive has discovered multiple critical vulnerabilities within the Mercury SiteScope server monitoring software, some of which allow for complete remote compromise of the entire monitored network, as well as arbitrary code execution on all servers managed by the SiteScope software. All versions are affected.

tags | advisory, remote, arbitrary, vulnerability, code execution
SHA-256 | bdf701facaff7c05ea1f467d97bae23f2034d266aaa8c38317cac7d77ffcb638
ioactive-modjk2.txt
Posted Feb 12, 2008
Site ioactive.com

IOActive Security Advisory - mod_jk2 versions prior to 2.0.4 are vulnerable to multiple stack overflow vulnerabilities. Specifically, IOActive has discovered multiple locations where these vulnerabilities are exploitable via the Host request header in any given request. These overflows all result in remote code execution under the user of the running Apache process.

tags | advisory, remote, overflow, vulnerability, code execution
SHA-256 | 0161744beee5c0442c15b6bd90c5e6d1e55cbe47940ec1ba4424c2446c68071e
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close