Showing 1 - 7 of 7

Files from Brett Gervasoni

Adobe Reader 9.3.4 Multiple Memory Corruption Issues: Posted Oct 8, 2010; Authored by Brett Gervasoni | Site senseofsecurity.com.au; Adobe Reader version 9.3.4 is vulnerable to multiple memory corruption vulnerabilities. By sending specially crafted PDF files it is possible to cause memory corruption in the 3difr and AcroRd32.dll modules. Both issues trigger a null pointer condition which results in an access violation. The issue in AcroRd32.dll is triggered when Adobe Reader is closed.; tags | advisory, vulnerability; advisories | CVE-2010-3630; SHA-256 | 8cc088f240fc45c266a250afb545cea36a5bbe247a4e721a59aa2a79ae7d9a37; Download | Favorite | View

Write-To-File Shellcode: Posted Jul 9, 2010; Authored by Brett Gervasoni | Site senseofsecurity.com.au; 278 bytes small write-to-file shellcode that writes the word pwned to a text file titled f.txt in the current working directory.; tags | shellcode; SHA-256 | fb57669413ae8633c51d2bf538c0ed15eb323bac6e59fe689cabe6326fd2b66a; Download | Favorite | View

Apache 2.2.14 mod_isapi Remote SYSTEM Exploit: Posted Mar 6, 2010; Authored by Brett Gervasoni | Site senseofsecurity.com.au; Apache version 2.2.14 mod_isapi remote SYSTEM exploit. Due to the nature of the vulnerability, and exploitation method, DEP should be limited to essential Windows programs and services. At worst, if DEP is enabled for the Apache process, you could cause a constant DoS by looping this (since apache will automatically restart).; tags | exploit, remote; systems | windows; advisories | CVE-2010-0425; SHA-256 | c783414f79f43dcae00ce4cd44e85c324652565b650c7c405e711ebdd5c30075; Download | Favorite | View

Apache 2.2.14 mod_isapi Dangling Pointer: Posted Mar 6, 2010; Authored by Brett Gervasoni | Site senseofsecurity.com.au; By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache 2.2.14 mod_isapi that will unload the target ISAPI module from memory. However function pointers still remain in memory and are called when published ISAPI functions are referenced. This results in a dangling pointer vulnerability. Successful exploitation results in the execution of arbitrary code with SYSTEM privileges.; tags | advisory, arbitrary; advisories | CVE-2010-0425; SHA-256 | 90f73578fb832e46f16d36335ab9911e89d608d85ddf6502b6fd7c3f8e006935; Download | Favorite | View

TheGreenBow VPN Client Local Stack Overflow: Posted Jan 22, 2010; Authored by Brett Gervasoni | Site senseofsecurity.com.au; TheGreenBow VPN Client is vulnerable to a local stack based buffer overflow which can lead to the compromise of a vulnerable system. The vulnerability is caused due to a boundary error when processing certain sections of tgb (policy) files. Passing an overly long string to "OpenScriptAfterUp" will trigger the overflow. Successful exploitation results in the execution of arbitrary code.; tags | advisory, overflow, arbitrary, local; SHA-256 | 1ffec12a678c5b206a9f84012a31ba855c8fdf3a743bd8d5c1d652387ca0644c; Download | Favorite | View

A5.1.zip: Posted Nov 25, 2008; Authored by Brett Gervasoni; An implementation of the A5/1 cipher written in C#. A5/1 is the current encryption cipher used in Telstra GSM phones.; tags | encryption; SHA-256 | d37e849ea29aaedf216357024b5e10bbb8b8f3c612ad613fb974907be687a51c; Download | Favorite | View

a51-php.txt: Posted Nov 25, 2008; Authored by Brett Gervasoni; An implementation of the A5/1 cipher written in PHP. A5/1 is the current encryption cipher used in Telstra GSM phones.; tags | encryption, php; SHA-256 | cadba26324b0e9e4f121129c2086166c670cbe02cdd5d75890fa68d5a1f16653; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days