what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files from FJ Serna

Email addressfjserna at ngsec.com
First Active2002-02-19
Last Active2004-08-26
Next Generation Security Advisory 2004.7
Posted Aug 26, 2004
Authored by FJ Serna, NGSSoftware | Site ngsec.com

Next Generation Advisory NGSEC-2004-7 - NtRegmon, the Registry monitoring utility for Windows, suffers from an unvalidated pointer referencing. While any privileged user is using NtRegmon, any local and unauthorized user can crash the system. Versions below 6.12 are susceptible.

tags | advisory, local, registry
systems | windows
SHA-256 | 25183dcc3f859b4639c3d21491f15da6b81da0e387b46e9c99dcf6f07cb351fa
Download | Favorite | View
Next Generation Security Advisory 2004.6
Posted Aug 18, 2004
Authored by FJ Serna, NGSSoftware | Site ngsec.com

Next Generation Advisory NGSEC-2004-6 - The IPD, or Integrity Protection Driver, from Pedestal Software suffers from an unvalidated pointer referencing in some of its kernel hooks. Any local and unauthorized user can crash the system with some simple coding skills. Versions up to 1.4 are affected.

tags | advisory, kernel, local
SHA-256 | 50720f87318f3a42e9784937201bd48fcc7fed7624a51ca79ec89c25f61005c5
Download | Favorite | View
yabbs01.txt
Posted Apr 23, 2003
Authored by FJ Serna | Site ngsec.com

Next Generation advisory NGSEC-2003-5. YABBS, the popular BBS system for unix and Windows, has a vulnerability in the HttPush code that allows a remote attacker to inject evil code via its PHP language support.

tags | advisory, remote, php
systems | windows, unix
SHA-256 | a52311ed4ce82096496852dbff6937714db96a018f5f4bc4c0c30521de8a9711
Download | Favorite | View
iplanet-ngxss.sh
Posted Nov 19, 2002
Authored by FJ Serna | Site ngsec.com

iPlanet Remote root exploit tested on v4.x up to SP11. Advisory for this bug here.

tags | exploit, remote, root, xss
SHA-256 | 6dc8fcf2d54cb62c460e2ef5e5c338d9e564dbb51c7f51391e5af1338aea7bdc
Download | Favorite | View
Next Generation Security Advisory 2002.4
Posted Nov 19, 2002
Authored by FJ Serna, NGSSoftware | Site ngsec.com

The iPlanet WebServer v4.x up to SP11 contains vulnerabilities which allow remote root command execution by using a cross site scripting vulnerability to redirect the Administrator's browser to a URL in a vulnerable perl script that will cause the open() command injection.

tags | advisory, remote, root, perl, vulnerability, xss
SHA-256 | e6d57374873ddcf0334a40142fc81f76dc5c0eaf48548811bef588fe324a0d20
Download | Favorite | View
suse.dhcpd.txt
Posted May 24, 2002
Authored by SuSE Security, FJ Serna | Site suse.com

SuSE Linux Security Announcement SuSE-SA:2002:019 - ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug attack when reporting the result of a dns-update request. This affects SuSE distributions based upon 7.2, 7.3 and 8.0.

tags | remote, root
systems | linux, suse
SHA-256 | f689ab8829be49e2e200eda31af2d7bc7329c4feb1a4cc87cf59afb317e1112c
Download | Favorite | View
Next Generation Security Advisory 2002.3
Posted May 24, 2002
Authored by FJ Serna, NGSSoftware | Site ngsec.com

Next Generation Advisory NGSEC-2002-3 - Sun Solaris in.talkd is vulnerable to a remote root format string bug. An attacker can request a talk session with a especially crafted user field able to write memory and gain control of the flow of the in.talkd.

tags | remote, root
systems | solaris
SHA-256 | 7fa8d1d538e9e06e7e46c09cb39e2c8630bd909c9fbb9f637606a8b0e9b96d44
Download | Favorite | View
ngsec.dhcpd.txt
Posted May 10, 2002
Authored by FJ Serna | Site ngsec.com

ISC DHCPD in its version 3 introduced new dns-update features. ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug attack, while reporting the result of a dns-update request.

tags | remote, root
SHA-256 | a290c9d40604af3f940c6014c394c6ae911843feb29f15807b203cd233a48342
Download | Favorite | View
ettercap-0.6.3.txt
Posted Feb 19, 2002
Authored by FJ Serna | Site ngsec.com

Ettercap v0.6.3.1 and below advisory and remote root exploit against Linux. Due to improper use of the memcpy() function, anyone can crash ettercap and execute code as root user.

tags | exploit, remote, root
systems | linux
SHA-256 | 0707e613e12873f42925d43ba22b3e2a53a3329febbdea8c7110ba8cc31f4e41
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close