exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Atstake Security Advisory 03-07-31.1
Posted Aug 5, 2003
Authored by Atstake, Andreas Junestam | Site atstake.com

Atstake Security Advisory A073103-1 - Three vulnerabilities exist in the McAfee Security ePolicy Orchestrator Server and Agent that allow an attacker to anonymously execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2003-0148, CVE-2003-0149, CVE-2003-0616
SHA-256 | 39c4da258d3c16be42e6d5d36b203ec57d8400c5e932a4dfde6e4c3688971f66

Related Files

A Review Of Fuzzing Tools And Methods
Posted Apr 8, 2017
Authored by James Fell

This paper reviews fuzzing and its context within the field of information security research. We firstly examine how vulnerabilities come to exist in software and how security researchers find them. After a brief overview of common vulnerability types and methods of static analysis, we look in more depth at the field of fuzzing. Competing approaches to fuzzing are examined, from simple random inputs all the way to using genetic algorithms and taint analysis. The importance of measuring code coverage to evaluate the completeness of a fuzzing campaign is examined. Finally, previous work on fuzz testing of web browsers is reviewed.

tags | paper, web, vulnerability
SHA-256 | 847622b4537e1334fad9504003ab57fb51baf3575e0822fba4b6117eb8be63d2
A-PDF WAV to MP3 1.0.0 Buffer Overflow
Posted Sep 19, 2013
Authored by Dr_IDE, dookie, d4rk-h4ck3r | Site metasploit.com

This Metasploit module exploits a buffer overflow in A-PDF WAV to MP3 version 1.0.0. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-67241
SHA-256 | c36f8e21b4b97cee5ba878b04ceb9d74b2c3487cf9055592c90c45c97711c507
A Short Guide On ARM Exploitation
Posted Feb 13, 2013
Authored by Aditya Gupta, Gaurav Kumar

This document is a short guide on ARM exploitation and architecture.

tags | paper
SHA-256 | eb11c5954a8a1ffe7fe345267174615ea26305cce19dcecad07807f79430e55d
A-PDF WAV to MP3 v1.0.0 Buffer Overflow
Posted Aug 24, 2010
Authored by Dr_IDE, dookie, d4rk-h4ck3r | Site metasploit.com

This Metasploit module exploits a buffer overflow in A-PDF WAV to MP3 v1.0.0. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
SHA-256 | 98f77271a20e935a5608bf3a7851354616670e5d252200c33c57d725a70cc30e
A Practical Message Falsification Attack On WPA
Posted Aug 26, 2009
Authored by Masakatu Morii, Toshihiro Ohigashi

Whitepaper called A Practical Message Falsification Attack on WPA.

tags | paper
SHA-256 | e4508ac705e974e5997e8f259c77fb0c5a4426a86c4bc54012872d08daa7d98d
A-comparative-study-of-anomaly-detection-schemes-in-network-intrusion-detection.pdf
Posted Nov 1, 2006

A comparative study of anomaly detection schemes in network intrusion detection.

tags | paper
SHA-256 | b9928e0c57d7fdc9212d412d47a979bfa6ae04da6fed4884e9c6313b71e3f0c1
A-Data-Mining-Framework-for-Building-IDS.pdf
Posted Nov 1, 2006

A Data Mining Framework for Building Intrusion Detection Models.

tags | paper
SHA-256 | 60d04b31fcfe448027bbb5860b8344475e331292a2f38a9c58a5f6bf8565794d
A-Framework-For-An-Adaptive-Intrusion-Detection-System.pdf
Posted Nov 1, 2006

A Framework For An Adaptive Intrusion Detection System with Data Mining.

tags | paper
SHA-256 | 8f6eb99f5161f3bdc97f1b2abc1790661385fcd2a732370cb3a64ad0d76ff3b4
A-Framework-for-Classifying-DoS-Attacks.pdf
Posted Nov 1, 2006

A Framework for Classifying Denial of Service Attacks.

tags | paper, denial of service
SHA-256 | 6bb2ae1d0f82b729c5207119d92f40b2d239e203a10af9bec1f54258ede9691e
A-Framework-for-Constructing-Features-and-Models-for-IDS.pdf
Posted Nov 1, 2006

A Framework for Constructing Features and Models for Intrusion Detection Systems.

tags | paper
SHA-256 | f61527cf4af2510db8ad35437d3eb26e96999237907e12a510de0e49b2733a31
A-Geometric-Frameowkr-for-Unsupervised-Anomaly-Detection.pdf
Posted Nov 1, 2006

A Geometric Framework for Unsupervised Anomaly Detection: Detecting Intrusions in Unlabeled Data.

tags | paper
SHA-256 | 0449a5f802f6d128eb3b915c406f89489a0cd361eccb64aa70000c137ec98639
A-Learning-Based-Approach-to-the-Detection-of-SQL-Attacks.pdf
Posted Nov 1, 2006

A Learning Based Approach to the Detection of SQL Attacks.

tags | paper
SHA-256 | fb14d0903dcb142210d09d168d0e7272d143fb9ec59f4aea8414793dabf2f3d3
A-Multi-model-Approach-to-the-Detection-of-Web-based-Attacks.pdf
Posted Nov 1, 2006

A Multimodel Approach to the Detection of Web-based Attacks.

tags | paper, web
SHA-256 | 9117f01a49f372f1077722bd13c30ab099dadef91785ce47ff698440299999b1
A-Real-Time-IDS-based-on-Learning.pdf
Posted Nov 1, 2006

A RealTime Intrusion Detection System based on Learning Program Behavior.

tags | paper
SHA-256 | 0e8a47781283f6cc330dddf6e88f496211be2a23d3b455a2013438fb5378ecbb
A-Blog.txt
Posted Oct 3, 2006
Authored by Drago84

A-Blog suffers from a flaw that allows for remote file inclusion.

tags | exploit, remote, file inclusion
SHA-256 | 1077d5570f91f0cc564ced7475bf18b618b5bb275d07873b4d21b2b2e7fe39b0
A.I-Pifou.txt
Posted Oct 2, 2006
Authored by cdg393

A.I-Pifou suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | f3f64ff457cc433ba6113ef296b1b67f75dd4d7a83ea037ff5f6b0b064981e72
A_Modular_Approach_to_Data_Validation_v1.0.pdf
Posted Apr 12, 2006
Authored by Stephen de Vries | Site corsaire.com

This paper presents a modular approach to performing thorough data validation in modern web applications so that the benefits of modular component based design; extensibility, portability and re-use can be released. The paper begins with an explanation of the vulnerabilities introduced through poor validation and then goes on to discuss the merits of a number of common data validation methodologies. A modular approach is introduced together with practical examples of how to implement such a scheme in a web application. It also provides information on common attack vectors, principles of validation, a modular solution and implementation of that solution.

tags | paper, web, vulnerability
SHA-256 | d6ea21e85a8e50b5eb5abc46932d07593292a7f8f5443ced84aadf093a2415ae
Atstake Security Advisory 04-09-28.1
Posted Oct 7, 2004
Authored by Atstake, Cory Scott | Site atstake.com

Atstake Security Advisory A092804-1 - In the default installation of Vignette portal software, the utility is not secured against anonymous and unauthenticated access. Since many portal deployments are on the Internet or exposed to untrusted networks, this results in an information disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2004-0917
SHA-256 | a8325ff2a0095531d4190a7c7f60437fa2c9dbffbca33fe8c429792d88f520fb
Atstake Security Advisory 04-09-13.2
Posted Sep 15, 2004
Authored by Atstake, James Vaughan | Site atstake.com

Atstake Security Advisory A091304-2 - A vulnerability in the HTTP management interface of the Pingtel Xpressa phone enables a remote authenticated attack to cause the underlying VxWorks operating system to stop.

tags | advisory, remote, web
SHA-256 | 06fd96368b13cff6c5011a555781244b333d9af19a094cd41d33e938beb1d104
Atstake Security Advisory 04-09-13.1
Posted Sep 15, 2004
Authored by Atstake, Katie Moussouris, Luis Miras | Site atstake.com

Atstake Security Advisory A091304-1 - JumpDrive Secure(tm) Version 1.0 and Lexar Safe Guard(tm) software fail to securely store the device's password. The password is located on the JumpDrive device. It can be read directly from the device without any authentication. It is stored in an XOR encrypted form and can be read directly from the device without any authentication.

tags | advisory
SHA-256 | 19e3c98687b101bb6f65531e4ac0c37464aec24b77de3b222fbb5a7d29c84e77
Atstake Security Advisory 04-07-22.1
Posted Jul 23, 2004
Authored by Atstake, Jeremy Jethro | Site atstake.com

Atstake Security Advisory A072204-1 - A buffer overflow vulnerability was discovered in HP's implementation of the DCE endpoint mapper (epmap) which listens by default on TCP port 135. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary commands on the targeted system with the privileges of the DCED process which is typically run as the root user.

tags | advisory, overflow, arbitrary, root, tcp
advisories | CVE-2004-0716
SHA-256 | 758ce6bde29696c5e492573e6a282d47923e4dc99f30fa67a78d10b987b58df4
Atstake Security Advisory 04-07-13.1
Posted Jul 14, 2004
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A071304-1 - 4D WebSTAR versions 5.3.2 and below suffer from numerous vulnerabilities that allow for an attacker to escalate privileges or obtain access to protected resources. These include a remotely exploitable pre-authentication FTP overflow, directory indexing of any directory on the host, file disclosure of PHP.INI, and local privilege escalation and file overwrite via symbolic links.

tags | advisory, overflow, local, php, vulnerability
SHA-256 | 3687cf4f4805ebd7619c3a629f029fcea5cc0d6baf1031b38b9528d9e63c3d7c
Atstake Security Advisory 04-05-03.1
Posted May 7, 2004
Authored by David Goldsmith, Atstake, Dino Dai Zovi | Site atstake.com

Atstake Security Advisory A050304-1 - The AppleFileServer provides Apple Filing Protocol (AFP) services for both Mac OS X and Mac OS X server. AFP is a protocol used to remotely mount drives, similar to NFS or SMB/CIFS. There is a pre-authentication, remotely exploitable stack buffer overflow that allows an attacker to obtain administrative privileges and execute commands as root. Versions affected are Mac OS X 10.3.3, 10.3.2, and 10.2.8.

tags | advisory, overflow, root, protocol
systems | apple, osx
advisories | CVE-2004-0430
SHA-256 | d0a99458eaeba41776f013f6acd2684183376fa3765005d3b0854d047a21d569
Atstake Security Advisory 04-04-22.1
Posted Apr 24, 2004
Authored by Atstake, Jeremy Jethro | Site atstake.com

Atstake Security Advisory A042204-1 - The SiteMinder Affiliate Agent plugin version 4.x is susceptible to a remotely exploitable heap overflow when the SMPROFILE cookie is passed a large value. This affect the Solaris, Windows, and HP-UX platforms.

tags | advisory, overflow
systems | windows, solaris, hpux
advisories | CVE-2004-0425
SHA-256 | 147240362c1334eca1c5fd7b59f02a967e85d03c2689319c88c06052f2ca65cf
Atstake Security Advisory 04-02-23.1
Posted Feb 24, 2004
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A022304-1 - The ppp daemon that comes installed by default in Mac OS X is vulnerable to a format string vulnerability. It is possible to read arbitrary data out of pppd's process. Under certain circumstances, it is also possible to 'steal' PAP/CHAP authentication credentials.

tags | advisory, arbitrary
systems | apple, osx
advisories | CVE-2004-0165
SHA-256 | ac39259d91e80a21a84083dd2d5ed03a1ab274c26fa3d74162b3afe90c544152
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close