New User, Welcome!     Login

Next Page >>

Francis Provencher

{PRL} Cerberus FTP server 3.0.6 Pre-Auth DoS

        
Exploitation: Remote DoS

Date:         2009-09-30

Author:       Francis Provencher (Protek Research Lab's) 
             

#####################################################################################

1) Introduction

{PRL} Microsoft Windows Outlook Express and Windows Mail Integer Overflow

CVE Number:   CVE-2010-0816

Discover Date:   2009-09-11

Author:   Francis Provencher (Protek Research Lab's)

Website:   http://www.protekresearchlab.com


#####################################################################################

{PRL} XLPD 3.0 Remote DoS

        
Exploitation: remote DoS

Date:         2009-10-06

Author:       Francis Provencher (Protek Research Lab's) 
             

#####################################################################################

1) Introduction

{PRL} Novell Netware CIFS And AFP Remote Memory Consumption DoS

   
Exploitation:   Remote DoS

Date:   2009-12-21

Author:   Francis Provencher (Protek Research Lab's)
             
Blog:   http://protekresearch.blogspot.com/


#####################################################################################

{PRL} Lexmark Multiple Laser Printer Remote Stack Overflow

CVE Number:   CVE-2010-0619

Discover Date:   2010-01-06

Author:   Francis Provencher (Protek Research Lab's)

Website:   http://www.protekresearchlab.com

#####################################################################################

Re: {PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability

PRL> Exploitation: Local Privilege Escalation

PRL> Date:         2009-10-27

PRL> Author:       Francis Provencher (Protek Research Lab's) 

PRL>           
PRL> #####################################################################################

PRL> 1) Introduction

Re: XM Easy Personal FTP Server 'LIST' Command Remote DoS Vulnerability

                        'Description'    => %q{
                                You need a valid login to DoS this FTP server, but
                                even anonymous can do it as long as it has permission
                                to call Type.
                        },
                        'Author'         => 'Francis Provencher, Protek Research Lab',
                        'License'        => MSF_LICENSE,
                        'Version'        => '$Revision: 1 $',
                        'References'     => [
                                [ 'URL', ' http://protekresearch.blogspot.com]
                        ],

ZDI-11-106: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability

2010-09-22 - Vulnerability reported to vendor
2011-03-18 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Francis Provencher for Protek Research Lab's

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability

2010-08-23 - Vulnerability reported to vendor
2011-02-17 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Francis Provencher for Protek Researchh Lab's
    * AbdulAziz Hariri of ThirdEyeTesters
    * SilentSignal

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents

Multiple Vulnerabilities

Author:       Francis Provencher (Protek Research Lab's)

{PRL} Novell Netware FTP Remote Stack Overflow

Novell TID:   3238588

Discover Date:   2009-07-23

Author:   Francis Provencher (Protek Research Lab's)

Blog:   http://www.protekresearchlab.com/


#####################################################################################

{PRL} Rising Antivirus 2009 Privilege Escalation

Exploitation: Privilege Escalation

Date:         2009-10-26

Author:       Francis Provencher (Protek Research Lab's) 

          
#####################################################################################

1) Introduction

{PRL} Eureka Mail client BoF

Exploitation: remote BoF

Date:         2009-10-06

Author:       Francis Provencher (Protek Research Lab's) 

Special Thanks to:  M Jeremy Brown      
             

#####################################################################################

ZDI-10-138: Novell iPrint Server Queue Name Remote Code Execution Vulnerability

2010-07-20 - Vulnerability reported to vendor
2010-08-05 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Francis Provencher for Protek Research Lab's

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

ZDI-11-087: Novell iPrint LPD Remote Code Execution Vulnerability

2010-12-01 - Vulnerability reported to vendor
2011-02-16 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Francis Provencher for Protek Research Lab's

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

{PRL} Novell Groupwise Webaccess Stack Overflow

CVE Number:

Novell TID:  7006380

Author:   Francis Provencher (Protek Research Lab's)

WebSite:   http://www.protekresearchlab.com/


#####################################################################################

ZDI-10-169: Novell Netware SSHD.NLM Remote Code Execution Vulnerability

2010-04-06 - Vulnerability reported to vendor
2010-09-01 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Francis Provencher

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

ZDI-11-047: IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability

2010-07-20 - Vulnerability reported to vendor
2011-02-07 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Francis Provencher for Protek Researchh Lab's

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

ZDI-11-136: IBM Tivoli Directory Server ibmslapd.exe SASL Bind Request Remote Code Execution Vulnerability

2011-02-17 - Vulnerability reported to vendor
2011-04-18 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Francis Provencher for Protek Research Lab's

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities

2010-04-05 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Nick DeBaggis
    * Francis Provencher

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.

{PRL} Lexmark Multiple Laser printer FTP Remote Denial of Services

CVE Number:   CVE-2010-0618

Discover Date:   2010-01-06

Author:   Francis Provencher (Protek Research Lab's)

Website:   http://www.protekresearchlab.com


#####################################################################################

{PRL} Xerox Workcenter 4150 Remote Buffer Overflow

Platforms:   Xerox Workcenter 4150

Discover Date:   2009-12-21

Author:   Francis Provencher (Protek Research Lab's)

Blog:   http://www.Protekresearchlab.com


#####################################################################################

{PRL} Novell Groupwise Internet Agent Stack Overflow

CVE Number:

Novell TID:  7006374

Author:   Francis Provencher (Protek Research Lab's)

WebSite:   http://www.protekresearchlab.com/


#####################################################################################

[security bulletin] HPSBMA02572 SSRT100082 rev.1 - HP Operations Agent Running on Windows, Local Elevation of Privileges and Remote Execution of Arbitrary Code

CVE-2010-3005    (AV:L/AC:L/Au:S/C:C/I:C/A:C)       6.8
===========================================================
             Information on CVSS is documented
            in HP Customer Notice: HPSN-2008-002

The Hewlett-Packard Company thanks Francis Provencher of Protek Research Labs for reporting this vulnerability to security-alert@hp.com.

RESOLUTION

HP has provided hotfixes for Operations Agent v7.36 and v8.6 to resolve this vulnerability. Please contact your HP Software support channel to request the hotfixes below.

{PRL} Multiple Panda Security Products Local Privilege Escalation Vulnerability

Exploitation: Local Privilege Escalation

Date:         2009-10-27

Author:       Francis Provencher (Protek Research Lab's) 

          
#####################################################################################

1) Introduction

{PRL} QuickHeal antivirus 2010 Local Privilege Escalation

Exploitation: Local Privilege Escalation

Date:         2009-12-16

Author:       Francis Provencher (Protek Research Lab's) 

          
#####################################################################################

1) Introduction

{PRL} Pegasus Mail client BoF

Exploitation: remote BoF

Date:         2009-10-06

Author:       Francis Provencher (Protek Research Lab's) 
        
             

#####################################################################################

{PRL} Rising Firewall 2009 Privilege Escalation

Exploitation: Privilege Escalation

Date:         2009-10-26

Author:       Francis Provencher (Protek Research Lab's) 

          
#####################################################################################

1) Introduction

{PRL} My Remote File Server Privilege Escalation

Exploitation: Privilege Escalation

Date:         2009-10-26

Author:       Francis Provencher (Protek Research Lab's) 

          
#####################################################################################

1) Introduction

ZDI-11-090: Novell Netware RPC XNFS xdrDecodeString Remote Code Execution Vulnerability

2010-08-25 - Vulnerability reported to vendor
2011-02-18 - Coordinated public release of advisory

-- Credit:
This vulnerability was discovered by:
    * Francis Provencher for Protek Researchh Lab's

-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents 
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
Next Page>>

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!