exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Barnaby Jack

First Active2003-09-11
Last Active2006-07-20
EEYE-dlink.txt
Posted Jul 20, 2006
Authored by Barnaby Jack | Site eeye.com

A remote stack overflow exists in a range of wired and wireless D-Link routers. This vulnerability allows an attacker to execute privileged code on an affected device. When a specific request is sent to an affected device, a traditional stack overflow is triggered allowing an attacker complete control of the router. With the ability to execute code on the device, it is then possible to apply modified firmware, and ultimately compromise the entire network.

tags | advisory, remote, overflow
SHA-256 | 25d882c6fb0ae5a475f5d6f2351d4ac9dc574a80eed93c6005f7c73dc6e35280
EEYE-ePolicy.txt
Posted Jul 15, 2006
Authored by Barnaby Jack, Derek Soeder | Site eeye.com

eEye Digital Security has discovered a serious flaw within the Framework Service component of the McAfee EPO management console. The Framework service is enabled and running by default on all servers and agents. The framework service listens by default on port 8081 and accepts requests over the HTTP protocol. The framework service allows for remotely submitting configuration and update changes. Each request is encrypted, SHA-1 hashed and DSA signed, and written to a file on disk. Due to a directory traversal attack, it is possible to write any file with any contents to anywhere on the remote system. This flaw allows a remote attacker to anonymously compromise an affected system and execute code within the SYSTEM context. Systems affected are McAfee Common Management (EPO) Agent versions below version 3.5.5.438.

tags | advisory, remote, web, protocol
SHA-256 | e8932eda7f9807583c185c48202c7d94d5af0ec25e49315aa830489d37bd37ed
eEye.CAlicense.txt
Posted Mar 3, 2005
Authored by Barnaby Jack | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered multiple stack-based vulnerabilities within the licensing component that processes incoming network requests in the Computer Associates License Management software.

tags | advisory, vulnerability
SHA-256 | 5797432c9b96dca5b15d0492af228f5700c812e44f776bf9de0dc187869c5343
eEye.symantecDNS2.txt
Posted May 13, 2004
Authored by Barnaby Jack, Karl Lynn, Derek Soeder | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a second vulnerability in the Symantec firewall product line that can be remotely exploited to cause a severe denial-of-service condition on systems running a default installation of an affected version of the product. By sending a single malicious DNS (UDP port 53) response packet to a vulnerable host, an attacker can cause the Symantec DNS response validation code to enter an infinite loop within the kernel, amounting to a system freeze that requires the machine to be physically rebooted in order to restore operation. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.

tags | advisory, kernel, udp
SHA-256 | 9586423e4a36c89f9ed7bf1939b4d9b4bc57ec4d8c57dca66ad3372b2230d08b
eEye.symantecDNS1.txt
Posted May 13, 2004
Authored by Barnaby Jack, Karl Lynn | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a critical remote vulnerability within the Symantec firewall product line. A buffer overflow exists within a core driver component that handles the processing of DNS (Domain Name Service) requests and responses. By sending a DNS Resource Record with an overly long canonical name, a traditional stack-based buffer overflow is triggered. Successful exploitation of this flaw yields remote KERNEL access to the system. With the ability to freely execute code at the Ring 0 privilege level, there are literally no boundaries for an attacker. It should also be noted, that due to a separate design flaw in the firewalls handling of incoming packets, this attack can be successfully performed with all ports filtered, and all intrusion rules set. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.

tags | advisory, remote, overflow, kernel
SHA-256 | e473df5134bac9a2cc199d33e7d6e380a34d5d87ed5086575e9a0e9f4c5e035f
rpcagain.txt
Posted Sep 11, 2003
Authored by Barnaby Jack | Site eEye.com

eEye Digital Security has discovered a critical remote vulnerability in the way Microsoft Windows handles certain RPC requests. A vulnerability exists within the DCOM (Distributed Component Object Model) RPC interface. Sending a malformed request packet, it is possible to overwrite various heap structures and allow the execution of arbitrary code. Note: this vulnerability differs from the vulnerability publicized in Microsoft Bulletin MS03-026.

tags | advisory, remote, arbitrary
systems | windows
SHA-256 | f689147bd2508bf3e6d1fbd617e83c294c0b6a73992a8551f67234a00531c929
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close