Advisories

Return to dashboard ⇪

Sections

lang: |
RSS: |
About me
Tools
→ YT YouTube (EN)
→ D Discord
→ M Mastodon
→ T Twitter
→ GH GitHub

My company's website

Paged Out! zine

Dragon Sector CTF Team

Links / Blogs

Posts

// copyright © Gynvael Coldwind
// design & art by Xa
// logo font (birdman regular) by utopiafonts / Dale Harris

/* the author and owner of this blog hereby allows anyone to test the security of this blog (on HTTP level only, the server is not mine, so let's leave it alone ;>), and try to break in (including successful breaks) without any consequences of any kind (DoS attacks are an exception here) ... I'll add that I planted in some places funny photos of some kittens, there are 7 of them right now, so have fun looking for them ;> let me know if You find them all, I'll add some congratz message or sth ;> */

Vulns found in blog:
* XSS (pers, user-inter) by ged_
* XSS (non-pers) by Anno & Tracerout
* XSS (pers) by Anno & Tracerout
* Blind SQLI by Sławomir Błażek
* XSS (pers) by Sławomir Błażek

Advisories

Publication Date	Threat level	Name and link	Other (BID, CVE, MS)
2011-07-31	very low	aterm 1.0.1 / rxvt 2.7.10 DoS (ANSI escape codes)
2011-07-31	very low	PuTTY 0.60 DoS (ANSI escape codes)
2010-07-19	low	PHP 5.2.10 / 5.3.0 EXIF DoS #1
2010-07-19	low	PHP 5.2.10 / 5.3.0 EXIF DoS #2
2010-07-19	low	PHP 5.2.10 / 5.3.0 EXIF DoS #3
2010-07-19	very low	PHP 5.2.10 / 5.3.0 Multiple Memory Disclosure
2010-04-13	critical	Microsoft Windows Kernel Null Pointer DoS (with j00ru)	MS10-021, CVE-2010-0234,
2010-04-13	critical	Microsoft Windows Kernel Symbolic Link Value DoS (with j00ru)	MS10-021, CVE-2010-0235,
2010-04-13	critical	Microsoft Windows Kernel Memory Allocation Local Privilege Escalation (with j00ru)	MS10-021, CVE-2010-0236,
2010-04-13	critical	Microsoft Windows Kernel Symbolic Link Creation Local Privilege Escalation (with j00ru)	MS10-021, CVE-2010-0237,
2010-04-13	critical	Microsoft Windows Kernel Registry Key DoS (with j00ru)	MS10-021, CVE-2010-0238,
2010-02-09	critical	Microsoft Windows CSRSS Local Privilege Elevation Vulnerability (with j00ru)	MS10-011, CVE-2010-0023,
2008-02-16	v.high	Firefox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak	29513, 29412, 27947, 27826, 26937
2008-01-23	med	SDL_Image 1.2.6 and prior GIF handling buffer overflow	27417
2007-12-05	low	Opera 9.50 beta / 9.24 Remote DoS	26721
2007-09-06	high	2K7SEPT6 Magellan Explorer 3.32 build 2305 Remote FTP Client Directory Traversal
2007-09-06	high	2K7SEPT6 Total Commander 7.01 Remote FTP Client Directory Traversal	25581
2007-08-29	med	Blizzard StarCraft Brood War Remote DoS	25478
2007-08-24	high	2K7SEPT6 X-Diesel Unreal Commander v0.92 (build 573) multiple FTP-based vulnerabilities	25583
2007-08-23	high	X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities
2007-08-20	low	Fileinfo multiple vulnerabilities	25373

Threat levels legend:

low	Local/Remote DoS of unimportant application, minor spoofing of unimportant data, etc.
med	Remote DoS of unimportant application, minor data disclosure, etc.
high	Remote DoS of an important app, remote user-triggered things that might lead to a code execution.
v.high	Remote code execution on a browser/network software, or another important app. Local privilege escalation in a uncommon app.
critical	Local/remote privilege escalation in a common app/OS, OS local/remote DoS, attacks on critical Internet infrastructure, etc.