what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files

ATS 6.2.0 Denial Of Service
Posted Apr 18, 2017
Authored by Bryan Call

There is a vulnerability in ATS with the HPACK Bomb Attack that can lead to a denial of service vulnerability. Versions 6.0.0 to 6.2.0 are affected. Please upgrade to ATS 6.2.1 or 7.0.0.

tags | advisory, denial of service
advisories | CVE-2016-5396
SHA-256 | cce30cb7de97faec9ff6ac82fe129fe2f0047da211951cf689af0e98e9a18d82

Related Files

Cisco Jabber XMPP Stanza Smuggling
Posted Oct 20, 2022
Authored by Ivan Fratric, Google Security Research

There is a vulnerability in Cisco Jabber that allows an attacker to send arbitrary XMPP stanzas (XMPP control messages) to another Cisco Jabber client, including XMPP stanzas that are normally sent only by the trusted server.

tags | exploit, arbitrary
systems | cisco
advisories | CVE-2022-20917
SHA-256 | ed2115ba91caeae4b0245ae0141359b56fa7d27077ea7a8cb6d34c1aa2ad914c
Kik Messenger XMPP Stanza Smuggling
Posted Jun 10, 2022
Authored by Ivan Fratric, Google Security Research

There is a vulnerability in Kik Messenger for Android that allows an attacker to send arbitrary XMPP stanzas (XMPP control messages) to another Kik client, including XMPP stanzas that are normally sent only by the Kik server. Included is a proof of concept that demonstrates sending of the stc stanza which triggers a captcha dialog and opens an arbitrary attacker-control webpage on the victim client. However, the full impact is likely larger than this, and includes any application features accessible over XMPP.

tags | exploit, arbitrary, proof of concept
SHA-256 | 3f66b31a34e395df392668d6453b6eee4bbfd623765c95d99108116f95c8a143
PHP filter_var Bypass Patch
Posted Mar 29, 2022
Authored by Jordy Zomer

When the filter_var function is used in conjunction with the flags FILTER_VALIDATE_DOMAIN and FILTER_FLAG_HOSTNAME, there is a vulnerability in PHP that allows the filter to be bypassed. A patch has been included by the researcher as the PHP security team seems to have ignored this concern.

tags | advisory, php, patch, bypass
systems | unix
SHA-256 | adddea024dbdd005a547c113193969e21a6c422c65e5611f207efd46bf8ae635
Internet Explorer jscript9.dll Memory Corruption
Posted Jun 9, 2021
Authored by Ivan Fratric, Google Security Research

There is a vulnerability in jscript9 that could potentially be exploited to execute arbitrary code when viewing an attacker-controlled website in Internet Explorer. The vulnerability has been confirmed on Windows 10 64-bit with the latest security patches applied.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2020-1380, CVE-2021-31959
SHA-256 | 606c70d052dc8c1d7e1341312dd04cc58864a77781e24662e763b3034ce543ce
Internet Explorer jscript9.dll Memory Corruption
Posted May 13, 2021
Authored by Ivan Fratric, Google Security Research

There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing an attacker-controlled website in Internet Explorer. The vulnerability has been confirmed on Windows 10 64-bit with the latest security patches applied.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2021-26419
SHA-256 | a69629e9e2a8eed322ffb78022a68eb8a35d57aa71fce77bfd75edc522377bec
usersctp sctp_load_addresses_from_init Out-Of-Bounds Read
Posted Feb 7, 2020
Authored by Google Security Research, natashenka

usersctp is SCTP library used by a variety of software including WebRTC. There is a vulnerability in the sctp_load_addresses_from_init function of usersctp that can lead to a number of out-of-bound reads. The input to sctp_load_addresses_from_init is verified by calling sctp_arethere_unrecognized_parameters, however there is a difference in how these functions handle parameter bounds. The function sctp_arethere_unrecognized_parameters does not process a parameter that is partially outside of the limit of the chunk, meanwhile, sctp_load_addresses_from_init will continue processing until a parameter that is entirely outside of the chunk occurs. This means that the last parameter of a chunk is not always verified, which can lead to parameters with very short plen values being processed by sctp_load_addresses_from_init. This can lead to out-of-bounds reads whenever the plen is subtracted from the header len.

tags | exploit
SHA-256 | 97c80f0acd4440a67c9cef234fa02985f9feafd4eb0418feb0ed3a434ae21930
Fortinet Single Sign On Stack Overflow
Posted Mar 19, 2015
Authored by Core Security Technologies, Andres Lopez Luksenberg, Enrique Nissim

Core Security Technologies Advisory - There is a vulnerability in the message dispatcher used by FSSO Windows Active Directory and FSSO Novell eDirectory. Exploitation of this vulnerability might lead to a full network compromise.

tags | exploit
systems | windows
advisories | CVE-2015-2281
SHA-256 | 71db9f10f9b435818bd0d386e8d452b7c9164712db61efab96b1aeb19649e8bc
Zero Day Initiative Advisory 12-138
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-138 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Business Objects Financial Consolidation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CtAppReg.dll. In the Check function, there is a vulnerability in the handling of the username parameter. If an overly long string is used as the username, it can overwrite heap memory. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.

tags | advisory, remote, arbitrary
SHA-256 | 71f5cfb590cb170041ac772bc7eb8657757c72abff12510ade4581f83a51f776
Apache Traffic Server Host Header Denial Of Service
Posted Mar 23, 2012
Site trafficserver.apache.org

Apache Traffic Server versions prior to 3.0.4 as well as all development releases prior to 3.1.3 suffers from a remote denial of service vulnerability.

tags | advisory, remote, denial of service
advisories | CVE-2012-0256
SHA-256 | 50e45d1fc3c80f0ffd90567d914e2c37381b34984bd4609430830c12a4807cc9
Technical Cyber Security Alert 2010-159A
Posted Jun 12, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-159A - According to Adobe, there is a vulnerability in Adobe Flash. This vulnerability affects Flash Player, Reader, Acrobat, and possibly other products that support Flash. A remote attacker could exploit this vulnerability to execute arbitrary code.

tags | advisory, remote, arbitrary
SHA-256 | 92d4d10d9876e9f473c2b97c245bf320a1cd8e2ed321e0718a268d019d732f99
Windows Media Audio Voice Decoder Code Execution
Posted Oct 15, 2009
Authored by Ivan Fratric

There is a vulnerability in Windows Media Audio Voice decoder distributed with Windows Media Player that allows remote code execution by opening a specially crafted web page.

tags | advisory, remote, web, code execution
systems | windows
advisories | CVE-2009-0555
SHA-256 | b13d4b308ea79c8f831f71e5cd1f0456f63eb50ba6410288c818e83acdcbdff6
Arcade Trade Script 1.0b Authentication Bypass
Posted Aug 25, 2009
Authored by Mr.tro0oqy

Arcade Trade Script version 1.0b suffers from an authentication bypass vulnerability due to an insecure cookie issue.

tags | exploit, bypass, insecure cookie handling
SHA-256 | e1127a1055dd8221256b2a446059fc24b7e7e6d68ae157be7ddf197ecea7ccdd
AD20071211.txt
Posted Dec 12, 2007
Authored by Sowhat | Site nevisnetworks.com

There is a vulnerability in TrendMicro Antivirus, which allows an attacker to escalate to SYSTEM privileges, cause a denial of service, or potentially execute arbitrary code.

tags | advisory, denial of service, arbitrary
SHA-256 | cbbe329974518f2285471fa2997e42aa2c2f547dfec54c5cfd80f713192ff19c
ATSA-2007-001.txt
Posted Apr 17, 2007
Authored by iDefense, FortiNet | Site akamai.com

Akamai Technologies Security Advisory 2007-0001 - Two security vulnerabilities have been discovered in the ActiveX version of Akamai Download Manager. For successful exploitation, both vulnerabilities require the user to visit a malicious URL, triggering a stack-based buffer overflow that allows the attacker to execute arbitrary code within the context of the victim.

tags | advisory, overflow, arbitrary, vulnerability, activex
advisories | CVE-2007-1891, CVE-2007-1892
SHA-256 | dbbaf096163cf2efc8265445fa804f02abd06396737956dba892bb7bf7981d35
AtStakeTools.zip
Posted Oct 9, 2006
Site atstake.com

This is an archive of various @Stake tools that help perform vulnerability scanning and analysis, information gathering, password auditing, and forensics.

tags | tool, forensics
SHA-256 | 940a982de22b2a16a77c8a9239a4c129a32c00662e680f91e813279358ce0ef0
msterminal.txt
Posted Aug 27, 2006
Authored by Bill Littlejohn

There is a vulnerability in Microsoft Terminal Server when an application is specified for the user instead of a full Windows Desktop. It is possible to easily cause an error in explorer.exe and to gain access to a full Desktop. This is an issue for anyone publishing applications through TS to domain users who also logon to full desktops either on the TS or on another machine.

tags | advisory
systems | windows
SHA-256 | d64c9d402f1bb8e25e76432b26bcff82f0808bc359afaae44e10c6fe851b3e67
AD20060428.txt
Posted Apr 29, 2006
Site secway.org

There is a vulnerability exists in WinISO and UltraISO, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability has been confirmed in version WinISO 5.3,UltraISO V8.0.0.1392, PowerISO v2.9,Magic ISO 5.0 Build 0166

tags | advisory
SHA-256 | 71af3606163dc754a646b1ae9fe7da5983c7be7d2835bd08dc5f40059c5be068
Rapid7 Security Advisory 23
Posted Apr 26, 2006
Authored by Rapid7 | Site rapid7.com

Rapid7 Advisory R7-0023 Symantec Scan Engine File Disclosure Vulnerability: There is a vulnerability in Symantec Scan Engine which allows unauthenticated remote users to download any file located under the Symantec Scan Engine installation directory. For instance the configuration file, the scanning logs, as well as the current virus definitions can all be accessed by any remote user using regular or specially crafted HTTP requests.

tags | advisory, remote, web, virus
SHA-256 | 4d71a2eee193a1059c22b4bd1473d7dc6d0355eb591b5b52a8dcd408efd6d8e8
javaDoS.txt
Posted Mar 8, 2006
Authored by porkythepig

There is a vulnerability in the Internet Explorer java applet handling engine. It occurs while running the Sun Microsystems Java VM and is caused by improper HTML 'INPUT' control focus handling.

tags | advisory, java
SHA-256 | 7fc80c9a3057321503601fb3558a3314e44fb3cb052789ba63e99397266d1ddd
parosproxy.txt
Posted Nov 5, 2005
Authored by Marc Schoenefeld

There is a vulnerability with how JDK is used with Parosproxy that allows the JDBC to be used as an attack path.

tags | advisory
SHA-256 | 4f3fa44948cb97b0233e4284486e6b495f394d9dbae1b2fe29d244a601741407
Venustech AD-Lab Advisory 2004.6
Posted Dec 31, 2004
Authored by Bejing Venustech, Keji

Venustech AD-Lab Advisory AD_LAB-04006 - There is a vulnerability in Microsoft Windows .hlp file parsing program winhlp32.exe. The vulnerability is caused due to a decoding error within the windows .hlp header processing. This can be exploited to cause a heap-based buffer overflow. Vulnerable: Windows NT, Windows 2000 SP0, Windows 2000 SP1, Windows 2000 SP2, Windows 2000 SP3, Windows 2000 SP4, Windows XP SP0, Windows XP SP1, Windows 2003.

tags | advisory, overflow
systems | windows
SHA-256 | a4d0f4fd5ceaadb1c6e0a8112c7289a3a1d44aa6bc11cd18346109a009cb1efb
Technical Cyber Security Alert 2004-316A
Posted Nov 12, 2004
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-316A - There is a vulnerability in the way Cisco IOS processes DHCP packets. Exploitation of this vulnerability may lead to a denial of service. The processing of DHCP packets is enabled by default.

tags | advisory, denial of service
systems | cisco
SHA-256 | 6d7e0df60be9abbc7bb549866d6dd8df85bbe76ad2cdc57356c933aab7f8eb8e
coldfusionmx61.txt
Posted Oct 7, 2004
Authored by Eric Lackey

There is a vulnerability in ColdFusion MX 6.1 when a user can create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled.

tags | exploit
SHA-256 | b35cc809e881359da234ac0dce6ce8d8cc7a7743cecbf5078cdcc0b3ca19a324
Technical Cyber Security Alert 2004-111A
Posted Apr 23, 2004
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-111A - Most implementations of the Border Gateway Protocol (BGP) rely on the Transmission Control Protocol (TCP) to maintain persistent unauthenticated network sessions. There is a vulnerability in TCP which allows remote attackers to terminate network sessions. Sustained exploitation of this vulnerability could lead to a denial of service condition; in the case of BGP systems, portions of the Internet community may be affected. Routing operations would recover quickly after such attacks ended.

tags | advisory, remote, denial of service, tcp, protocol
advisories | CVE-2004-0230
SHA-256 | 87abe76f79966ccb0bb1d2db57638d4e04e2229bc713af44e5c5bafb11865668
Technical Cyber Security Alert 2004-111B
Posted Apr 20, 2004
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-111B - There is a vulnerability in Cisco's Internetwork Operating System (IOS) SNMP service. When vulnerable Cisco routers or switches process specific SNMP requests, the system may reboot. If repeatedly exploited, this vulnerability could result in a sustained denial of service (DoS).

tags | advisory, denial of service
systems | cisco
SHA-256 | 3fed4b1233387104fb4e7e1bcf2dc6aba32e42412482673afff6ef774107c8b3
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close