Showing 1 - 11 of 11

Files from Francesco Tornieri

Docker 1.11.2 Forged VXLAN Packet Service Detection: Posted Nov 24, 2016; Authored by Francesco Tornieri; Docker versions 1.11.2 and below suffer from an issue where a forged VXLAN packet can be leveraged to scan services that are not exposed.; tags | exploit; SHA-256 | a4e4a57ace4ef27819179237d6afd95b851a2dcb97baf0583bc8133f4f80246a; Download | Favorite | View

Storm Ringing PABX Test Tool: Posted Aug 24, 2012; Authored by Francesco Tornieri; This simple tool is useful to test a PABX with "allow guest" parameter set to "yes" (in this scenario an anonymous caller could place a call). The aim of the tool is to ring all the sip Terminal Equipment (phones).; tags | tool, telephony, fuzzer; systems | unix; SHA-256 | 6ba2d5b8e6fb19504e9f6dd8fae1bdcbe77e340e3053d3fc58575622138019d5; Download | Favorite | View

Owncloud 3.0.3 Clear Text Password Storage: Posted May 11, 2012; Authored by Francesco Tornieri; Owncloud versions 3.0.3 and below suffer from a clear text ldap password disclosure vulnerability in owncloud.db.; tags | exploit; SHA-256 | 31549886f764c292ef5d70e3a5a923ec24afda76b24471bdb34b6fc0fa48ebe5; Download | Favorite | View

Siemens Gigaset IP Series SIP Username Enumeration: Posted Aug 23, 2011; Authored by Francesco Tornieri; Siemens Gigaset IP Series suffers from a SIP username enumeration vulnerability.; tags | exploit; SHA-256 | 65e4e4df9126f57c3d9e3c1530c6d57e4e68c68e0ac0872319a1afd3d16b33e4; Download | Favorite | View

Asterisk 1.8.x SIP User Enumeration: Posted Jun 30, 2011; Authored by Francesco Tornieri; The INVITE method in use by Asterisk version 1.8.4.4 allows for remote user enumeration.; tags | exploit, remote; SHA-256 | c8d09e1a6bc234ffc02445e7446b5216f7017ea2bb2d57463d5af6d921a8ff5c; Download | Favorite | View

Trixbox 2.8.0.4 User Enumeration: Posted Jun 28, 2011; Authored by Francesco Tornieri; Trixbox versions 2.8.0.4 and below suffer from a remote user enumeration vulnerability via the Flash Operator Panel.; tags | exploit, remote; SHA-256 | 5fe530b38bbe1264123805cbd691c7f4036091c2a5950c46258181987161b42a; Download | Favorite | View

Asterisk 1.8.4 SIP Username Enumeration: Posted May 26, 2011; Authored by Francesco Tornieri; The REGISTER method in use by Asterisk version 1.8.4 allows for remote user enumeration.; tags | exploit, remote; SHA-256 | 0066c93ed79feb1bd8f0719d5c48a08e733fb8a5cfe1689acb5d5038f5c6a643; Download | Favorite | View

Asterisk 1.8.x SIP User Enumeration: Posted May 1, 2011; Authored by Francesco Tornieri; Asterisk version 1.8.x suffers from a SIP remote user enumeration vulnerability.; tags | exploit, remote; SHA-256 | 5bf98cf221d04c51ddb7d1a9e47f9bbb189d3640a8237aa5efd26b53988ad25c; Download | Favorite | View

Asterisk 1.4.x / 1.6.x Username Enumeration: Posted Apr 17, 2011; Authored by Francesco Tornieri; Asterisk versions 1.4.x and 1.6.x suffer from a SIP response user enumeration vulnerability.; tags | advisory; SHA-256 | 4973731897121ff19b4e5e74ece388fc7aed0dec962bb1d65c5b2cbcb447f513; Download | Favorite | View

Kyocera FTP Bounce: Posted Sep 3, 2008; Authored by Francesco Tornieri; Using Nmap, it is quite simple to perform a FTP bounce attack to port scan using the ftpd in Kyocera's printer model FS-118MFP.; tags | exploit; SHA-256 | c299acd863cc8ce32930a99e8c048a8d421ffc84f47a97c58db3b8894343e64c; Download | Favorite | View

kyocera-traversal.txt: Posted Aug 27, 2008; Authored by Francesco Tornieri; Kyocera Command Center suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 42d830ef4de171b4deadad97f60d6a5e5ada87a058d0dfdd45dcec7b6995b466; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days