RISE Security
I'm a member of RISE Security

"There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies."
-- C.A.R. Hoare

"I have always wished for my computer to be as easy to use as my telephone; my wish has come true because I can no longer figure out how to use my telephone."
-- Bjarne Stroustrup

Hackers 2 Hackers Conference: I'm one of the organizers of the Hackers 2 Hackers Conference, in Brazil... this is the 7th edition: http://www.h2hc.com.br


Hakin9 Magazine: Link to an excellent security magazine: http://www.en.hakin9.org


www.cacert.org
Advisories
Check Point Advisories

RPC.ttdbserver Heap Overflow - Affecting IBM/AIX, HP-UX, Oracle's Sun Solaris
GhostScript Stack Overflow
RPC.pcnfsd Remote Format String - Affecting IBM/AIX, HP-UX, SGI/Irix

iDefense released my vulnerability in RPC.cmsd (affecting AIX and VIOS) - The code to trigger the vulnerability is here

Work with other friends

I found several vulnerabilities in OProfile 'jited' source for IBM, here are the mails about it (an IBM developer coded the patch):
Original
Reply 1
Reply 2
Reply 3
The patch itself


FreeBSD/NetBSD/TrustedBSD*/DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclosure
- A patch for this issue


RISE Security Advisories

Linux eCryptfs parse_tag_3_packet Encrypted Key buffer overflow vulnerability

Linux eCryptfs parse_tag_11_packet Literal Data buffer overflow vulnerability

ToolTalk rpc.ttdbserver _tt_internal_realpath buffer overflow vulnerability

Sun Solstice AdminSuite sadmin adm_build_path() buffer overflow vulnerability

Apple MacOS X 10.4.x Kernel i386_set_ldt() Integer Overflow

Firebird Relational Database Multiple Buffer Overflows

Borland Interbase Multiple Buffer Overflows

Apple Mac OS X 10.4.x kernel shared_region_map_file_np() memory corruption vulnerability

FreeBSD 5.x Kernel Integer Overflow Vulnerability
- A patch for this issue
- Securityfocus (bugtraq) link

X11R6 XKeyboard extension strcmp() buffer overflow vulnerability - Original Sun advisory crediting us

Priv8 Security Advisories

LCDProc Advisory 1

LCDProc Exploit 1

LCDProc Advisory 2

LCDProc Exploit 2

Mandrake 9.0 multiple suid binaries vulnerabilities Advisory

escputil exploit

mtink exploit

ml85p exploit

kon exploit

Gnome Batalla Naval Advisory

Remote exploit for Borland Interbase 7.1 SP 2 and lower

AppleFileServer Remote Root Overflow Exploit

MacOSX DirectoryService local root exploit

priv8atari800.pl

priv8elog.pl

Gnome Batalla Naval Exploit

priv8lc.pl

Xlock Vulnerability

Halflife Remote Vulnerability (together with UHAGR group)

Stunnel Vulnerability

CD Record Vulnerability

Seed Security Advisories

GNU Mailutils imap4d Format String Vulnerability Metasploit Module

Apple report giving credit for the bug discovery to seedsecurity and iDefense

Advisories/Exploits with acknowledgments to me

The m00 archive has the 0w http exploit, with a target for Debian systems added by me. Click here for a local version

TCP/IP Stack Vulnerability

OSU HTTP for OpenVMS information disclosure - Acknowledgment to risesecurity.org

:: copyleft 2004-2010 - Rodrigo Rubira Branco (BSDaemon) ::