Vulnerability: Local Buffer Overflow in Personal FTP Server 8.0f(g)
Vulnerable software FTP server 8.0f(g) Vulnerability Local Buffer Overflow (SEH protected)-> Code Execution Time Line 01/24/2018 Vendor informed 01/30/2018 Vendor reminded 12.02.2018 Software patched 20.02.2018 Vulnerability Disclose Description The free FTP Server from Michael Roth Software is vulnerable to a local buffer overflow. One of the advanced options within the application didn’t have input […]
Offensive Security Certified Expert && me
As promised on Twitter here is my OSCE review. You can read my time line from before course enrolling until the end of the exam here. So, let’s go. Stage_0: Preparation just before enrolling! First, I read a ton of other reviews to get an idea about the course and the exam. There is nothing […]
CVE-2009-1437: RCE in CoolPlayer+ <= 2.19.6 (Windows 10 Pro)
While doing my preperation for the OSCE i found an exploit for the coolpalyer+ version 2.19.1 from 2009. I decided to check this vulnerability in the recent software version (2.19.6) on my Windows 10 machine. The following post descripes the exploit development. 1. create PoC I created a small python script, which creates a .m3u file […]
Florian Hansemann as expert at the IHK Munich
On 27.02.2018 between 1 and 4 p.m., the Munich Chamber of Commerce and Industry is offering a roundtable discussion for companies together with experts from the field of information security. Here, they can talk confidentially about the challenges to IT security in their company. I face all questions from conceptual to technical information security and […]
