Showing 1 - 3 of 3

Files from Hugo Vazquez Carames

Apache Commons FileUpload 1.2.2 Insecure /tmp Usage: Posted Mar 7, 2013; Authored by Hugo Vazquez Carames, Karl Dyszynski; Apache Commons FileUpload provides file upload capability for Servlets and web applications. During the upload process, FileUpload may (depending on configuration) save the uploaded file temporarily on disk. By default this will be in the system wide tmp directory. Because the temporary files have predictable file names and are stored in a publicly writeable location they are vulnerable to a TOCTOU attack. Versions 1.0 through 1.2.2 are affected.; tags | advisory, web, file upload; advisories | CVE-2013-0248; SHA-256 | aef9320b83ebe6ba6979332985d9a5aff8a232ccdbb3dd487e7f6d3b242f6f7a; Download | Favorite | View

SonicWall NSA 4500 Cross Site Scripting / Session Hijacking: Posted Oct 4, 2011; Authored by Hugo Vazquez Carames | Site pentest.es; The SonicWall NSA 4500 suffers from cross site scripting and session id hijacking vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 527eef87d88a5de876a908763739592e531c1552a1ad2ad9b117345acb0fadeb; Download | Favorite | View

checkpoint_hack.pdf: Posted Oct 3, 2007; Authored by Hugo Vazquez Carames | Site pentest.es; Paper discussing multiple buffer overflow vulnerabilities in CheckPoint Firewall-1.; tags | paper, overflow, vulnerability; SHA-256 | 361d6a69c91dea1221dc4b50c302fb87f9bd5d6eb2faa40489e3e36c793f22f1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days