Security – Page 26 – :: Deepquest ::

>> [local] – Chasys Draw IES Buffer Overflow

USER: deepcore // 2013-08-15 // 0 CMT

Chasys Draw IES Buffer Overflow

>> [remote] – Ultra Mini HTTPD Stack Buffer Overflow

USER: deepcore // 2013-08-15 // 0 CMT

Ultra Mini HTTPD Stack Buffer Overflow

>> [remote] – MiniWeb (Build 300) Arbitrary File Upload

USER: deepcore // 2013-08-15 // 0 CMT

MiniWeb (Build 300) Arbitrary File Upload

>> [webapps] – w-CMS 2.0.1 – Remote Code Execution Vulnerability

USER: deepcore // 2013-08-15 // 0 CMT

w-CMS 2.0.1 – Remote Code Execution Vulnerability

>> Packet Storm Advisory 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify()

USER: deepcore // 2013-08-14 // 0 CMT

The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This vulnerability allows for remote code execution

>> Packet Storm Exploit 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

USER: deepcore // 2013-08-14 // 0 CMT

The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

>> [remote] – Open-FTPD 1.2 Arbitrary File Upload

USER: deepcore // 2013-08-13 // 0 CMT

Open-FTPD 1.2 Arbitrary File Upload

>> [remote] – HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow

USER: deepcore // 2013-08-13 // 0 CMT

HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow

>> [remote] – MinaliC Webserver 2.0.0 – Buffer Overflow (Egghunter)

USER: deepcore // 2013-08-13 // 0 CMT

MinaliC Webserver 2.0.0 – Buffer Overflow (Egghunter)

>> [dos] – onehttpd 0.7 – Denial of Service

USER: deepcore // 2013-08-13 // 0 CMT

onehttpd 0.7 – Denial of Service