exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files

Owning Render Farms Via NVIDIA Mental Ray
Posted Dec 10, 2013
Authored by Luigi Auriemma, Donato Ferrante

This paper details a vulnerability affecting NVIDIA mental ray, which allows an attacker to take control over a mental ray based render farm.

tags | paper
SHA-256 | 775f48d6630d6aac147c8f09fc15e01a82cf693584d38a901be40b58fff0f320

Related Files

REVULN 20x3 Call For Papers
Posted Mar 14, 2020
Authored by REVULN

REVULN 20x3 is an international conference taking place on September 9th through the 10th, 2020 in Bangkok (Thailand) at Ibis Styles Bangkok Sukhumvit Phra Khanong.

tags | paper, conference
SHA-256 | 82efc20eef4cbad218ef093972ef73032b638f443842161bf8300202e1cf5aeb
REVULN 20x2 Call For Papers
Posted Feb 3, 2020
Authored by REVULN

REVULN 20x2 is an international conference taking place the June 25th through the 26th, 2020 in St. Paul's Bay (Malta) at the Hotel Santana.

tags | paper, conference
SHA-256 | cb6a89e15d510c1293370692b4ce2958476b45e3d99d2ac90bdb73e9a12cd668
REVULN 20x1 Call For Papers
Posted Feb 3, 2020
Authored by REVULN

REVULN 20x1 is an international conference taking place the April 28th through the 30th, 2020 in Metro Manila (Philippines) at the RED Hotel Cubao.

tags | paper, conference
SHA-256 | eb33f5e98c769dfe6a8b1f404b5315ab727fd98cc68a42868c5cd4bcefb989d1
REVULN 19Q4 Call For Papers
Posted Aug 15, 2019
Site revuln.com

The Call For Papers has been announced for REVULN 19Q4, an international cyber-security conference taking place December 11th and 12th, 2019 in Hong Kong at the Best Western Plus Hotel Hong Kong.

tags | paper, conference
SHA-256 | 58756d13e8c5f3bb7fac9a0a86dbf56e940f233ba2c696c8f74c182205d4831f
REVULN 19 Call For Papers
Posted Dec 24, 2018
Site revuln.com

REVULN 19 is an information technology security conference taking place on May 15th, 2019 in Hong Kong at the Harbour Plaza North Point Hotel.

tags | paper, conference
SHA-256 | ac1921b87e3233d90f156c47ee411916de350040efb5b8abf05b9a7449175aa2
Key Reinstallation: Forcing Nonce Reuse In WPA2
Posted Oct 16, 2017
Authored by Frank Piessens, Mathy Vanhoef | Site krackattacks.com

Whitepaper called Reinstallation Attacks: Forcing Nonce Reuse in WPA2. This research paper will be presented on at the Computer and Communications Security (CCS) conference on November 1, 2017. This paper details a flaw in the WPA2 protocol itself and most devices that makes use of WPA2 are affected.

tags | paper, cryptography, protocol
advisories | CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
SHA-256 | 7bdd578be202b278bcaaefbcc9d6e1f9481932cdadde98dfd4ce55ede0123ded
Oracle Data Redaction Is Broken
Posted Jul 16, 2014
Authored by David Litchfield

Oracle data redaction is a simple but clever and innovative idea from Oracle. However, at present, there are weaknesses that undermine its effectiveness as a good security mechanism. These weaknesses can be exploited via web based SQL injection attacks and this paper details those weaknesses and provides suggestions on how it can be improved and made more secure.

tags | paper, web, sql injection
SHA-256 | 8cb488d94f0f24c541295b45894955646b915f06b2bd3f2038f2c4e7aac4422f
Game Engines: A 0-Day's Tale
Posted May 20, 2013
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This paper details several issues affecting different game engines. All the vulnerabilities discussed in this paper are 0-days, at time of writing. This paper has been released as a companion paper along with the authors' talk Exploiting Game Engines For Fun And Profit presented at the NoSuchCon conference.

tags | paper, remote, local, vulnerability
SHA-256 | d6ecd8f4c602a765dcc75745f021e2021968f2607ffd8bafed3a506e1bda08ed
EA Origin Insecurity
Posted Mar 18, 2013
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

In this paper the authors uncover and demonstrate an interesting way to convert local bugs and features in remotely exploitable security vulnerabilities by using the well known EA Origin platform as an attack vector against remote systems. The attack proposed in this paper is similar to the attack targeting the Steam platform that they detailed in their previous research. The Origin attack detailed in this paper affects more than 40 million Origin users.

tags | advisory, remote, local, vulnerability
SHA-256 | 49def0264cec468ffef03ccdced1ff431068dffff126aca570d55caf707dd49f
Call Of Duty: Modern Warfare 3 NULL Pointer Dereference
Posted Nov 14, 2012
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This paper describes a pre-auth server-side NULL pointer dereference vulnerability in Call Of Duty: Modern Warfare 3, which is due to an issue related to the DemonWare6 query packets. This vulnerability can be exploited to perform Denial of Service (DoS) attacks against game servers.

tags | advisory, denial of service
SHA-256 | 1db66d6df1c094eebc40c0809e56c80069be073ae8a823feafea42632a3104da
Steam Browser Protocol Insecurity
Posted Oct 16, 2012
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

In this paper the authors uncover and demonstrate a novel and interesting way to convert local bugs and features in remotely exploitable security vulnerabilities by using the well known Steam3 platform as an attack vector against remote systems.

tags | paper, remote, local, vulnerability
SHA-256 | 57c4272e83ee441c391a6f412f9d691391e59e3704ad2da10b6aa6bdd6606b73
Owning A Cop Car
Posted May 3, 2011
Authored by Kevin Finisterre

This paper details how poorly Linux devices in cop cars are set up and how their lack of a secure design puts everyone at risk.

tags | exploit
systems | linux
SHA-256 | fc7efa4a04b53671d3343de2d1e7775fdccf6bd40812c3090eabe0d4f58c410b
fingerprinting.txt
Posted May 16, 2000
Authored by Lance Spitzner | Site enteract.com

IDing remote hosts, without them knowing. This paper details the process of Passive Fingerprinting. Passive fingerprinting is based on sniffer traces from the remote system. Instead of actively querying the remote system, all you need to do is capture packets sent from the remote system. Based on the sniffer traces of these packets, you can determine the operating system of the remote host. Just like in active fingerprinting, passive fingerprinting is based on the principle that every operating system's IP stack has its own idiosyncrasies. By analyzing sniffer traces and identifying these differences, you may be able to determine the operating system of the remote host. Craig Smith has written a proof of concept tool called passfing.tar.gz.

tags | paper, remote, proof of concept
SHA-256 | a1f307232d25c3c33667a984bcfb4fee678e8e8d1ba6ef3f1c97fe30acfec9b9
DDSA_Defense.htm
Posted Feb 16, 2000
Authored by Simple Nomad | Site razor.bindview.com

Distributed Denial of Service Defense Tactics - This paper details some practical strategies that can be used by system administrators to help protect themselves from distributed denial of service attacks as well as protect themselves from becoming unwitting attack nodes against other companies.

tags | denial of service
SHA-256 | d0f80557044b2a18453f2dc7582595ddb3ce718da4f6063550bdaf18440afa5b
probes.html
Posted Aug 17, 1999
Authored by Ron Gula

"How to Handle and Identify Network Probes" - "Do you know what to do when suspicious network probes are detected on your network? It's surprising, but many people do not follow common sense and simple logic when analyzing malicious network activity. Even worse, when contacting other organizations to complain, security incidents can be misrepresented because all of the facts are not in order, incorrect or even erroneous theories. This paper details a variety of steps that you can take to get the most effectiveness and accuracy from your intrusion detection system. It also concentrates on determining the who, what, why, where, when and how of any network security event so that you can accurately relay this information to others."

tags | paper
SHA-256 | 8056f5f6db5b5bbbe1618e8241afeacea7523abaf7f66cd4434327c687d8bff4
probes.txt
Posted Aug 17, 1999
Authored by Ron Gula

"How to Handle and Identify Network Probes" - "Do you know what to do when suspicious network probes are detected on your network? It's surprising, but many people do not follow common sense and simple logic when analyzing malicious network activity. Even worse, when contacting other organizations to complain, security incidents can be misrepresented because all of the facts are not in order, incorrect or even erroneous theories. This paper details a variety of steps that you can take to get the most effectiveness and accuracy from your intrusion detection system. It also concentrates on determining the who, what, why, where, when and how of any network security event so that you can accurately relay this information to others."

tags | paper
SHA-256 | fb414ed56daf127bd1294a87bdccf553ac30fbc408b5323609313d20687c0b94
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close