what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Matthew Daley

Email addressmattd at bugfuzz.com
First Active2014-02-08
Last Active2024-09-01
Embedthis GoAhead Embedded Web Server Directory Traversal
Posted Sep 1, 2024
Authored by Roberto S. Soares, Matthew Daley | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in the Embedthis GoAhead Web Server v3.4.1, allowing an attacker to read arbitrary files with the web server privileges.

tags | exploit, web, arbitrary
advisories | CVE-2014-9707
SHA-256 | 176eaf23e2348991401b48184cc4be3a61754c79a8d254fb1976e061cc7d1f98
Download | Favorite | View
OpenSSH User Enumeration
Posted Dec 5, 2018
Authored by Matthew Daley, Justin Gardner, Lee David Painter

OpenSSH versions prior to 7.7 suffer from a user enumeration vulnerability.

tags | exploit
advisories | CVE-2018-15473
SHA-256 | 4859577142cc1049d3959af66839a236a04781ada4ed91ed9ebe565b43f98029
Download | Favorite | View
OpenSSH 7.x Username Enumeration
Posted Aug 16, 2018
Authored by Matthew Daley

OpenSSH versions 2.3 up to 7.4 suffer from a username enumeration vulnerability.

tags | exploit
SHA-256 | 5b89ae3c3cfc697123f753a66e100e36a1f19ae7a11ab2e0b7081e0e195522af
Download | Favorite | View
Veritas/Symantec Backup Exec SSL NDMP Connection Use-After-Free
Posted Jun 29, 2017
Authored by Matthew Daley | Site metasploit.com

This Metasploit module exploits a use-after-free vulnerability in the handling of SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for Windows. When SSL is re-established on a NDMP connection that previously has had SSL established, the BIO struct for the connection's previous SSL session is reused, even though it has previously been freed. This Metasploit module supports 3 specific versions of the Backup Exec agent in the 14, 15 and 16 series on 64-bit and 32-bit versions of Windows and has been tested from Vista to Windows 10.

tags | exploit, remote
systems | windows
advisories | CVE-2017-8895
SHA-256 | 18615ac29398d7f2d7f4f16eff1790cc387a69c2808a4e6bb7a5632253c7e45f
Download | Favorite | View
Veritas Backup Exec Remote Agent For Windows Use-After-Free
Posted May 27, 2017
Authored by Matthew Daley

Veritas Backup Exec Remote Agent for Windows suffers from a use-after-free vulnerability. All versions before Backup Exec 16 FP1, Backup Exec 15 14.2.1180.3160, and Backup Exec 2014 14.1.1187.1126 are affected.

tags | advisory, remote
systems | windows
advisories | CVE-2017-8895
SHA-256 | 8ceb02397eea9ab98abf9619f4ab71f85b7ac2f8ffa9d669f5e674239b69ebd6
Download | Favorite | View
Apache OpenMeetings 3.1.0 Cross Site Scripting
Posted Aug 12, 2016
Authored by Matthew Daley

Apache OpenMeetings version 3.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7cd4363e2b99732754cd02499cfb4501e7c27fb5b0c5ad53d5bfc6fcb86f6281
Download | Favorite | View
GoAhead 3.4.1 Heap Overflow / Traversal
Posted Mar 28, 2015
Authored by Matthew Daley

GoAhead web server versions 3.0.0 through 3.4.1 suffers from heap overflow and directory traversal vulnerabilities.

tags | exploit, web, overflow, vulnerability, file inclusion
advisories | CVE-2014-9707
SHA-256 | 6fb18dfd80ce463f675f713e9ebec9b8c5a991abc545cf1b1fbf82cc2f64697b
Download | Favorite | View
Appweb Web Server Denial Of Service
Posted Mar 28, 2015
Authored by Matthew Daley

Appweb Web Server suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
advisories | CVE-2014-9708
SHA-256 | e59a4ebe08e7c3f7777a2c603a71d5db8d059f0c0ece77091aadd4aa5da52401
Download | Favorite | View
Linux Kernel 3.15-rc4 PTY Race Condition
Posted May 14, 2014
Authored by Matthew Daley

Linux Kernel versions above 3.14-rc1 and below 3.15-rc4 raw mode PTY local echo race condition privilege escalation proof of concept exploit. This bug also affects kernel 2.6.31-rc3 and newer.

tags | exploit, kernel, local, proof of concept
systems | linux
advisories | CVE-2014-0196
SHA-256 | 3e2aeb3682476066fd47d615fa123347b94017a25a410fef128e012fea785cdf
Download | Favorite | View
Oracle Virtualbox Overflow / Type Confusion / Missing Validation
Posted Feb 8, 2014
Authored by Matthew Daley

Oracle Virtualbox suffered from overflow, type confusion, missing validation, and other issues.

tags | advisory, overflow
advisories | CVE-2013-5892, CVE-2014-0407, CVE-2014-0405, CVE-2013-5892, CVE-2014-0406, CVE-2014-0404
SHA-256 | 2ef57d82dffef7c08895823360db3a1acc0b743bdb1ec3f631d377d2bb52be77
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close