battle-cry : ` Spaghetti & PwnSauce `

ryujin's blog

Las Vegas - Defcon Pictures

Submitted by ryujin on Sat, 2008-08-23 16:05.

Back from Las Vegas... Defcon was awesome ;)

Check this out :)

Back from Hat2k8 Hacker Meeting

Submitted by ryujin on Tue, 2008-07-01 08:41.

Thx to all the staff guyz... it was really fun! ( Photo Credit: Matteo Flora \LK/ )
Photo Credit: Matteo Flora (LK)

FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow

Submitted by ryujin on Fri, 2008-06-06 22:16.

FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow http://freeddsshd.com/
Exploit based on securfrog Poc http://www.milw0rm.com/exploits/5709

http://www.milw0rm.com/exploits/5751

» 1 attachment

VLC 0.8.6d SSA Parsing Double Sh311 Universal Exploit

Submitted by ryujin on Fri, 2008-05-23 15:05.

# VLC 0.8.6d Double Sh311 Universal Exploit
# Coded by my friend j0rgan and I
# CVE-2007-6681
# Vulnerability Discovered by Michal Luczaj

http://www.milw0rm.com/exploits/5667

» 2 attachments

BigAnt IM Server HTTP GET Request Remote Buffer Overflow Vulnerability

Submitted by ryujin on Wed, 2008-04-16 11:22.

Apr 15 2008 12:00AM

BigAnt IM Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in a denial-of-service condition.

BigAnt IM Server 2.2 is vulnerable; other versions may also be affected.

» read more | 1 attachment

WinWebMail IMAP Login Data Handling Denial Of Service Vulnerability

Submitted by ryujin on Wed, 2008-04-16 11:18.

Apr 10 2008 12:00AM

WinWebMail is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Remote attackers can exploit this issue to crash the server and deny service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

WinWebMail 3.7.3.2 is vulnerable; other versions may also be affected.

» 1 attachment

SmarterTools SmarterMail HTTP Request Handling Denial Of Service Vulnerability

Submitted by ryujin on Wed, 2008-04-16 11:14.

Apr 04 2008 12:00AM

SmarterTools SmarterMail is prone to a denial-of-service vulnerability when handling specially crafted HTTP GET, HEAD, PUT, POST, and TRACE requests. When the server eventually resets the request connection, it will crash.

Remote attackers can exploit this issue to deny service to legitimate users.

SmarterMail 5.0 is vulnerable; other versions may also be affected.

» 1 attachment

NetWin Surgemail 0DAY (IMAP POST AUTH) Remote LIST Universal Exploit

Submitted by ryujin on Mon, 2008-03-17 08:17.

NetWin Surgemail 0DAY (IMAP POST AUTH) Remote LIST Universal Exploit
Affected Versions : Version 3.8k4-4 Windows Platform
Tested on OS : Windows 2000 SP4 English, Windows XP Sp2 English,Windows 2003 Standard Edition Italian
Discovery Date : 03/13/2008

» read more | 1 attachment

MDAEMON (POST AUTH) REMOTE R00T IMAP FETCH COMMAND UNIVERSAL EXPLOIT 0day

Submitted by ryujin on Thu, 2008-03-13 16:45.

Bug discovered and coded by Matteo Memelli aka ryujin
Affected Versions : MDaemon IMAP server v9.6.4
Tested on OS : Windows 2000 SP4 English, Windows XP Sp2 English, Windows 2003 Standard Edition Italian

» read more | 1 attachment

MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow ( DoS )

Submitted by ryujin on Tue, 2008-03-11 14:00.

Bug discovered and coded by Matteo Memelli aka ryujin
Affected Versions : Standard Edition all versions
Professional Edition all versions
Enterprise Edition all versions
Tested on OS : Windows 2000 SP4 English
Windows 2003 Standard Edition Italian
Windows XP SP2 English
Discovery Date : 02/24/2008
Initial vendor notification : 03/06/2008
Coordinated public disclosure: 03/11/2008

» read more | 1 attachment
Syndicate content