exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Max Dietz

Intersil (Boa) HTTPd Basic Authentication Password Reset

Posted Aug 31, 2024

Authored by Luca Carettoni, Claudio "paper" Merloni, Max Dietz | Site metasploit.com

The Intersil extension in the Boa HTTP Server 0.93.x - 0.94.11 allows basic authentication bypass when the user string is greater than 127 bytes long. The long string causes the password to be overwritten in memory, which enables the attacker to reset the password. In addition, the malicious attempt also may cause a denial-of-service condition. Please note that you must set the request URI to the directory that requires basic authentication in order to work properly.

tags | exploit, web

advisories | CVE-2007-4915

SHA-256 | 2f1be5078d3f7dd3df4c5ec50ce87ebf28f8550be93957887f8d14842b8685ba

Download | Favorite | View

commerce35.pair.com Cross Site Scripting

Posted Mar 10, 2009

Authored by Max Dietz

commerce35.pair.com suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | fefe9b8f7502d1abb958d5e6a58da6492ac244adee03f1d83521fd0367ae8226

Download | Favorite | View