what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files from Donato Ferrante

Email addressfdonato at autistici.org
First Active2004-01-08
Last Active2015-03-06
Nvidia Mental Ray Satellite Service Arbitrary DLL Injection
Posted Mar 6, 2015
Authored by Luigi Auriemma, Donato Ferrante | Site metasploit.com

The Nvidia Mental Ray Satellite Service listens for control commands on port 7414. When it receives the command to load a DLL (via an UNC path) it will try to connect back to the host on port 7514. If a TCP connection is successful it will then attempt to load the DLL. This Metasploit module has been tested successfully on Win7 x64 with Nvidia Mental Ray Satellite Service v3.11.1.

tags | exploit, tcp
SHA-256 | d20a1acb01b0356c8f7a9dfb93f9f6c186f8a9c91ae2ee919bd91f597ae8afef
Owning Render Farms Via NVIDIA Mental Ray
Posted Dec 10, 2013
Authored by Luigi Auriemma, Donato Ferrante

This paper details a vulnerability affecting NVIDIA mental ray, which allows an attacker to take control over a mental ray based render farm.

tags | paper
SHA-256 | 775f48d6630d6aac147c8f09fc15e01a82cf693584d38a901be40b58fff0f320
Game Engines: A 0-Day's Tale
Posted May 20, 2013
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This paper details several issues affecting different game engines. All the vulnerabilities discussed in this paper are 0-days, at time of writing. This paper has been released as a companion paper along with the authors' talk Exploiting Game Engines For Fun And Profit presented at the NoSuchCon conference.

tags | paper, remote, local, vulnerability
SHA-256 | d6ecd8f4c602a765dcc75745f021e2021968f2607ffd8bafed3a506e1bda08ed
Exploiting Game Engines For Fun and Profit
Posted May 19, 2013
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This presentation discusses what to look for and how to go about exploiting game engines.

tags | paper
SHA-256 | 19c17c8c8f9f909e61f6f1dc27550abd5f28f40ed4090d437df048b0efb363af
EA Origin Insecurity
Posted Mar 18, 2013
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

In this paper the authors uncover and demonstrate an interesting way to convert local bugs and features in remotely exploitable security vulnerabilities by using the well known EA Origin platform as an attack vector against remote systems. The attack proposed in this paper is similar to the attack targeting the Steam platform that they detailed in their previous research. The Origin attack detailed in this paper affects more than 40 million Origin users.

tags | advisory, remote, local, vulnerability
SHA-256 | 49def0264cec468ffef03ccdced1ff431068dffff126aca570d55caf707dd49f
Call Of Duty: Modern Warfare 3 NULL Pointer Dereference
Posted Nov 14, 2012
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This paper describes a pre-auth server-side NULL pointer dereference vulnerability in Call Of Duty: Modern Warfare 3, which is due to an issue related to the DemonWare6 query packets. This vulnerability can be exploited to perform Denial of Service (DoS) attacks against game servers.

tags | advisory, denial of service
SHA-256 | 1db66d6df1c094eebc40c0809e56c80069be073ae8a823feafea42632a3104da
Steam Browser Protocol Insecurity
Posted Oct 16, 2012
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

In this paper the authors uncover and demonstrate a novel and interesting way to convert local bugs and features in remotely exploitable security vulnerabilities by using the well known Steam3 platform as an attack vector against remote systems.

tags | paper, remote, local, vulnerability
SHA-256 | 57c4272e83ee441c391a6f412f9d691391e59e3704ad2da10b6aa6bdd6606b73
directContact03b.txt
Posted Mar 2, 2006
Authored by Donato Ferrante | Site autistici.org

DirectContact version 0.3b is susceptible to a classic directory traversal attack.

tags | exploit
SHA-256 | 34922012bb4c31ade3163c42cd6ddfec78315b1faa3a02f8841fd373069632e5
homeserver107.txt
Posted Aug 25, 2005
Authored by Donato Ferrante | Site autistici.org

Home FTP Server version 1.0.7 b45 suffers from information disclosure and directory traversal flaws.

tags | advisory, info disclosure
SHA-256 | 7851cce7cc1179707f46cc1835af116df83aa2c4ba71b04748ea12bd45069870
wftp168.txt
Posted Aug 18, 2005
Authored by Donato Ferrante | Site autistici.org

WinFTP Server version 1.6.8 suffers from a Unicode buffer overflow.

tags | advisory, overflow
SHA-256 | ab27d046e0f4447dc1ecf476c43ed829dad3671be63c87b0b1920cc65e40a8c5
simplecam12.txt
Posted Aug 6, 2005
Authored by Donato Ferrante | Site autistici.org

SimpleCam 1.2 suffers from a directory traversal flaw.

tags | exploit
SHA-256 | d4e58f065d5c7588a794c9e5395507eab6a319a2473bb1d69625b852d95f74e6
vcs100.txt
Posted Jul 2, 2005
Authored by Donato Ferrante | Site autistici.org

Video Cam Server version 1.0.0 is susceptible to a directory traversal attack.

tags | exploit
SHA-256 | ada3a5328ddaa14bdc136ad11e095dc6ab58a6c24f3b0f31394aa705cb84dc7d
yawcam025.txt
Posted Jun 1, 2005
Authored by Donato Ferrante | Site autistici.org

Yawcam 0.2.5 suffers from a directory traversal flaw.

tags | exploit
SHA-256 | b182d057b90cd3f81c55e8e073477556ee02a409f252428b6e2bfb479dd98c59
RaidenHTTPD.txt
Posted Feb 6, 2005
Authored by Donato Ferrante | Site autistici.org

RaidenHTTPD version 1.1.27 is susceptible to a directory traversal flaw where any file can be extracted from the disk partition where the httpd is installed.

tags | exploit
SHA-256 | 269edca2c20fc62296721fc364efa750631965f3d26ff48a5c321679256841a2
lanchat1666c.txt
Posted Feb 5, 2005
Authored by Donato Ferrante | Site autistici.org

LANChat Pro Revival 1.666c suffers from a denial of service flaw due to a mishandling of malformed UDP packets.

tags | advisory, denial of service, udp
SHA-256 | 76f66f7589c9c61cc5603217be57359f569333d4150f25b8af167f515dde5784
yacyXSS.txt
Posted Jan 1, 2005
Authored by Donato Ferrante | Site autistici.org

yacy version 0.31 is susceptible to a cross site scripting attack.

tags | exploit, xss
SHA-256 | d64d8c10568564ba1a5c218da503bc0f39e78f0f0dfa75004c3a458b24efa51f
OpenDcHub-poc.zip
Posted Dec 11, 2004
Authored by Donato Ferrante | Site autistici.org

Proof of concept exploit for a buffer overflow vulnerability that exists in Open Dc Hub version 0.7.14.

tags | exploit, overflow, proof of concept
SHA-256 | 8258ae931f345dbb3993fba33e50fa99806a19f8996a9b591ba1f150a0fb65d9
opendchub0714.txt
Posted Dec 11, 2004
Authored by Donato Ferrante | Site autistici.org

A buffer overflow exists in the Open Dc Hub program that allows for arbitrary code execution. Version 0.7.14 is affected.

tags | advisory, overflow, arbitrary, code execution
SHA-256 | 5d7728d7a1361bced3f0c6e6bc6738ad15502e921eb3164f0124e62d24c94b98
parachat55.txt
Posted Oct 7, 2004
Authored by Donato Ferrante | Site autistici.org

ParaChat server version 5.5 is susceptible to a directory traversal attack.

tags | exploit
SHA-256 | dc2d73d8a10c1ee9e0c6d1f19a2dd02664444349c0c58c5ea495325c5a299b7a
birdChat161.txt
Posted Aug 24, 2004
Authored by Donato Ferrante | Site autistici.org

Bird Chat version 1.61 is susceptible to a denial of service attack.

tags | advisory, denial of service
SHA-256 | 3fd39ba61940268943a877e48620af76ea13d357c808d10f8725f4e5f0bf3a91
webchat.txt
Posted Aug 5, 2004
Authored by Donato Ferrante | Site autistici.org

Free Web Chat suffers from both denial of service and resource allocation bugs.

tags | advisory, web, denial of service
SHA-256 | b362a9f9b51a02212145eb681c34e6703a1ce8028a93fa4e37eeca36ea288982
webbsyte.txt
Posted Aug 5, 2004
Authored by Donato Ferrante | Site autistici.org

When over 40 connections are made to Webbsyte 0.9.0, the service crashes.

tags | advisory
SHA-256 | 12c2dcce1b42eb0808a9da9ec432387ab867d5469e37f8251f8f8ea3d4e6ff64
12PlanetXSS.txt
Posted Jul 5, 2004
Authored by Donato Ferrante | Site autistici.org

12Planet Chat server version 2.9 suffers from a cross site scripting flaw.

tags | advisory, xss
SHA-256 | 8a592ed48bd7f885d4a341fdf4cfd031d08dea96ce06367a38a213f087a3115b
SCIphoto.txt
Posted Jul 2, 2004
Authored by Donato Ferrante | Site autistici.org

SCI Photo Chat Server version 3.4.9 is susceptible to a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 8575e09aa1bcbc883017a75c4aa4d09bca783a470652829a1020c77a2876379e
easy12.txt
Posted Jul 2, 2004
Authored by Donato Ferrante | Site autistici.org

Easy Chat Server version 1.2 is susceptible to multiple denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
SHA-256 | c14351e99bc7c75e715099537ef5a044db63e359260141a3b392bcedcdb5a32d
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close