Showing 1 - 25 of 47

Files

security-nnov.kav.txt
Posted Feb 12, 2003
Authored by 3APA3A | Site security.nnov.ru

Kaspersky Antivirus (KAV) crashes when it tries to access a path that has more than 256 characters. In addition to this vulnerability, a long path can be used to hide malware. Also, malware with specially crafted names is not detected by this anti-virus product. Tested on Kaspersky Antivirus 4.0.9.0.

tags | advisory, virus
SHA-256 | 6949810c13d2cba2796d0abbbae6962016128aba3acc695195bdaa032d0e85b3

Related Files

Case Study: Security Of Modern Bluetooth Keyboards
Posted Jun 22, 2018
Authored by Matthias Deeg, Gerhard Klostermeier

This whitepaper is a case study that analyzes the security of modern Bluetooth keyboards. In the course of this research project, SySS GmbH analyzed three currently popular wireless keyboards using Bluetooth technology, all of which can be bought on the Amazon marketplace, for security vulnerabilities. The following three devices were tested for security issues from different attacker perspectives: 1byone Keyboard, Logitech K480, and Microsoft Designer Bluetooth Desktop (Model 1678 2017).

tags | paper, vulnerability
SHA-256 | c3809eac9d774959095aaa64f57d5970b03ee8190b8247907992919c1953a04e
Kaspersky SSL Interception Differentiation
Posted Jan 3, 2017
Authored by Tavis Ormandy, Google Security Research

In order to inspect encrypted data streams using SSL/TLS, Kaspersky installs a WFP driver to intercept all outgoing HTTPS connections. They effectively proxy SSL connections, inserting their own certificate as a trusted authority in the system store and then replacing all leaf certificates on-the-fly. This is why, if you examine a certificate when using Kaspersky Antivirus, the issuer appears to be "Kaspersky Anti-Virus Personal Root". Kaspersky's certificate interception has previously resulted in serious vulnerabilities, but a quick review finds many simple problems still exist. For example, the way leaf certificates are cached uses an extremely naive fingerprinting technique. Kaspersky caches recently generated certificates in memory in case the user agent initiates another connection. In order to do this, Kaspersky fetches the certificate chain and then checks if it has already generated a matching leaf certificate in the cache. If it has, it just grabs the existing certificate and private key and then reuses them for the new connection. The cache is a binary tree, and as new leaf certificates and keys are generated, they're inserted using the first 32 bits of MD5(serialNumber||issuer) as the key. If a match is found for a key, they just pull the previously generated certificate and key out of the binary tree and start using them to relay data to the user agent. You don't have to be a cryptographer to understand a 32-bit key is not enough to prevent brute-forcing a collision in seconds. In fact, producing a collision with any other certificate is trivial.

tags | exploit, web, root, vulnerability, virus
SHA-256 | 62a363de88e0143fb1b6e4fbc89e03980ce4d3bb71f50510388690356f2ef1c2
Kaspersky Antivirus RAR File Format Parsing Memory Corruption
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

Fuzzing the RAR file format found multiple crashes, some of which are obviously exploitable for remote code execution as NT AUTHORITY\SYSTEM on any system with Kaspersky Antivirus.

tags | advisory, remote, code execution
systems | linux
SHA-256 | 840a6644fa6473e395e71ccc99acd288e2ea564ff3edbc779548159cd42980df
Kaspersky Antivirus ZIP File Format Use-After-Free
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

Fuzzing the ZIP file format found multiple memory corruption issues, some of which are obviously exploitable for remote code execution as NT AUTHORITY\SYSTEM on any system with Kaspersky Antivirus.

tags | exploit, remote, code execution
systems | linux
SHA-256 | fc8862117299fd338cb8bbf77d3ccb922e26861f2ef48f8fe569ea1fedea5e5b
Kaspersky Antivirus Multiple Memory Corruption Issues
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

Kaspersky Antivirus suffers from multiple memory corruption issues.

tags | advisory
systems | linux
SHA-256 | 40d39044a86196b76ab3036cb625cd7d59575c7d6b723cfe1570dbcc20ce34ff
Kaspersky Antivirus Yoda's Protector Unpacking Remote Memory Corruption
Posted Oct 13, 2015
Authored by Tavis Ormandy, Google Security Research

The attached testcase was found by fuzzing packed PE files with Kaspersky Antivirus. The researcher suspects it was packed using "Yoda's protector". This vulnerability is obviously exploitable for remote code execution as NT AUTHORITY\SYSTEM on all systems using Kaspersky Antivirus.

tags | exploit, remote, code execution
systems | linux
SHA-256 | 3c3dd5acd1e83e6d651af0ce396c0ce5a329d99348391da8dcc96d1f2d9db389
Kaspersky Antivirus UPX Parsing Remote Memory Corruption
Posted Oct 13, 2015
Authored by Tavis Ormandy, Google Security Research

While fuzzing UPX-packed files in Kaspersky Antivirus, a crash was discovered resulting in an arbitrary stack-relative write. This vulnerability is obviously exploitable for remote code execution as NT AUTHORITY\SYSTEM.

tags | exploit, remote, arbitrary, code execution
systems | linux
SHA-256 | 873dde06402e643e7c58d92fa1292dd7bd56e1ac4926fee21503ce6e92227045
Kaspersky Antivirus PE Unpacking Integer Overflow
Posted Oct 13, 2015
Authored by Tavis Ormandy, Google Security Research

Kaspersky Antivirus PE unpacking suffers from an integer overflow vulnerability.

tags | exploit, overflow
systems | linux
SHA-256 | 5f6ace8e01df0d4d69eed14c4bfebe35cffb18417251166f12d0d919112d59ea
Kaspersky Antivirus ExeCryptor Parsing Memory Corruption
Posted Oct 13, 2015
Authored by Tavis Ormandy, Google Security Research

Fuzzing packed executables in Kaspersky Antivirus found an ExeCryptor parsing memory corruption vulnerability.

tags | exploit
systems | linux
SHA-256 | 9b88cbe181953642219bc9f3faab09f2d8454bba6f6371edce30a211c49ef39b
Kaspersky Antivirus CHM Parsing Remote Stack Buffer Overflow
Posted Oct 13, 2015
Authored by Tavis Ormandy, Google Security Research

Fuzzing CHM files with Kaspersky Antivirus produced a crash due to a stack buffer overflow vulnerability.

tags | exploit, overflow
systems | linux
SHA-256 | 955d664811abe68cd1b11cbbbfdcc3b1d291028188d72a8d67f997305e27df5c
Kaspersky Antivirus VB6 Parsing Integer Overflow
Posted Oct 13, 2015
Authored by Tavis Ormandy, Google Security Research

Fuzzing VB6 executables with Kaspersky Antivirus produced a crash triggered by an integer overflow vulnerability.

tags | exploit, overflow
systems | linux
SHA-256 | c9ddc4ae299fb2e602e6dc2f065c0d2feca2d3364b70f32ea4e4bdc6ca8d7666
Kaspersky Antivirus DEX File Format Parsing Memory Corruption
Posted Oct 13, 2015
Authored by Tavis Ormandy, Google Security Research

Fuzzing the DEX file format found a crash that loads a function pointer from an attacker-controlled pointer; on Windows this results in a call to an unmapped address. This is obviously exploitable for remote, zero-interaction code execution as NT AUTHORITY\SYSTEM on any system with Kaspersky Antivirus.

tags | exploit, remote, code execution
systems | linux, windows
SHA-256 | 26951261beb7ff1122009b4bec4c8a0f4705fa105a3613ecb9448249512fe065
Kaspersky Antivirus ThinApp Parser Stack Buffer Overflow
Posted Oct 13, 2015
Authored by Tavis Ormandy, Google Security Research

The attached report and exploit were mailed to Kaspersky on 4th September 2015. The researcher is currently triaging about 230 more unique crashes. A remotely exploitable stack buffer overflow exists in the ThinApp container parsing. Kaspersky Antivirus and other products using the Kaspersky Engine (such as ZoneAlarm) are affected.

tags | exploit, overflow
systems | linux
SHA-256 | 5ca3b319ffad1c37c2dc2b79e408a60512af7b432dd0803fc5b707285145f8b8
Security Implications Of IPv6
Posted May 27, 2011
Authored by Fernando Gont

This paper, called Security Implications of IPv6, was published by CPNI and is a collection of security implications to think about while transitioning to IPv6.

tags | paper
SHA-256 | c237c137715ec6c6b22b18847817cae159ad2b52af7a8aac8da06ea03c3945fd
Kaspersky Antivirus Code Injection
Posted May 3, 2010
Authored by Daniel Lopez

Kaspersky Antivirus versions 4.0.9.0, 5.0.712, 6.0.2.690 and 6.0.3.837 suffer from a code injection vulnerability.

tags | exploit
SHA-256 | 35da833f4eee17d383abe927792f7e22338810a7442ffde99adb3ee1acb060ce
SecurityTubeCon Call For Papers
Posted Sep 10, 2009
Site securitytube.net

SecurityTube.net is pleased to announce the CFP for SecurityTubeCon, the first hacker conference, to be held completely online! This conference will be held November 6th through the 8th, 2009.

tags | paper, conference
SHA-256 | d864c5180870c59e9bb08f13326a0e6a1201785bbba85dcba10adb7956e058fe
Whitepaper Called Security Of The Web
Posted Jul 14, 2009
Authored by kuze

Whitepaper called Security of the Web. This paper discusses how vulnerabilities have evolved over the years and how web applications have become a primary vector of attack. Written in German.

tags | paper, web, vulnerability
SHA-256 | b01009c26f448edb9d51f062cd833a792d4922e65d04bd11789adce0232206a4
Securitybyte / OWASP AppSec Asia Call For Papers
Posted Jul 7, 2009
Authored by Securitybyte CFP | Site securitybyte.org

The Security Byte and OWASP AppSec Asia conference call for papers has been announced. It will be held November 17th through the 20th, 2009 in New Delhi.

tags | paper, conference
SHA-256 | 17f76a326bcdb64098fbc50142c360dcb935456b4cbb41e26afa13952a419f7d
Kaspersky Klim5.sys Advisory
Posted Feb 2, 2009
Authored by Ruben Santamarta | Site wintercore.com

KIS 2008 and Kaspersky AntiVirus for Workstations suffer from a local privilege escalation vulnerability in Klim5.sys.

tags | advisory, local
SHA-256 | 986d0ad816e789cda1a3b6e60acf76a92dd2c3e35c8b13cf6af11184f8f77d00
Kaspersky Klim5.sys Privilege Escalation Exploit
Posted Feb 2, 2009
Authored by Ruben Santamarta | Site wintercore.com

KIS 2008 and Kaspersky AntiVirus for Workstations local privilege escalation exploit for Klim5.sys.

tags | exploit, local
SHA-256 | 85cd67d9a7dd14368a87ecb0b6e2697b18ac25ac9ed708ce4af6e323ab93fca8
Security_Testing_Enterprise_Messaging_Systems.pdf
Posted Jul 31, 2007
Authored by Andy Davis - IRMPLC, Phil Huggins | Site irmplc.com

This paper discusses potential security weaknesses that may be present in messaging systems as a result of software flaws, application design, or the misconfiguration of services. It focuses on TIBCO Rendezvous as an example of a commonly used enterprise messaging system. Recommendations are then presented which mitigate these security issues.

tags | paper
SHA-256 | 30f5a8238e6edc015d11426f17a737139cb286ac98539e6c0c99d7c160fc1c83
securityreporter-traverse.txt
Posted Jul 24, 2007
Authored by Oliver Karow | Site oliverkarow.de

SecurityReporter version 4.6.3 from Secure Computing suffers from an authentication bypass and directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | f4901ba96169fe7851bc008d68821446e8d148ac28c43703ca3180cbe68dbde8
iDEFENSE Security Advisory 2007-04-04.1
Posted Apr 5, 2007
Authored by iDefense Labs, Peter Vreugdenhil | Site idefense.com

iDefense Security Advisory 04.04.07 - Remote exploitation of an information disclosure vulnerability in Kaspersky AntiVirus 6 could allow malicious websites to steal files off of a user's machine. iDefense has confirmed the existence of this vulnerability in version 6.0 of Kaspersky Antivirus.

tags | advisory, remote, info disclosure
SHA-256 | b90f0bdcb2ad661747c567945e87febf3ab55b1c4b1b2989b69aa84c70bc6761
kav60-escalate.txt
Posted Jan 16, 2007
Authored by m4d | Site unl0ck.net

Kaspersky Antivirus version 6.0 local privilege escalation exploit.

tags | exploit, local
SHA-256 | 0ee25edafeac4992843e0e61d1ebbd53e92782b9e400cda1b22adb5b293b1336
iDEFENSE Security Advisory 2007-01-05.3
Posted Jan 13, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory - Remote exploitation of a DoS vulnerability in Kaspersky Lab's Antivirus could allow an attacker to cause a denial of service (DoS) condition. Kaspersky Antivirus is vulnerable to a DoS condition when processing a specially crafted PE (portable executable) file. One of the headers in a PE file is the Optional Windows Header section. This section of the PE header contains information needed by the Windows linker and loader. An invalid value for the 'NumberOfRvaAndSizes' field will cause Kaspersky to repeatedly seek and read from the same section of the file in an endless loop. iDefense has confirmed the existence of this vulnerability in Kaspersky Labs Antivirus Engine version 6.0 for Windows and 5.5-10 for Linux. Previous versions may also be affected. Any products that use the scanning engine are also affected. This includes the Kaspersky mail gateway scanner.

tags | advisory, remote, denial of service
systems | linux, windows
SHA-256 | be7e224cd831d1291162a9a587a53192f85770efc620bb3f05b516e727328395
Page 1 of 2

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close