what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

CVE-2018-4237

Status Candidate

Overview

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logic error.

Related Files

Mac OS X libxpc MITM Privilege Escalation
Posted Nov 28, 2018
Authored by saelo | Site metasploit.com

This Metasploit module exploits a vulnerability in libxpc on macOS versions 10.13.3 and below. The task_set_special_port API allows callers to overwrite their bootstrap port, which is used to communicate with launchd. This port is inherited across forks: child processes will use the same bootstrap port as the parent. By overwriting the bootstrap port and forking a child processes, we can now gain a MitM position between our child and launchd. To gain root we target the sudo binary and intercept its communication with opendirectoryd, which is used by sudo to verify credentials. We modify the replies from opendirectoryd to make it look like our password was valid.

tags | exploit, root
advisories | CVE-2018-4237
MD5 | 45269b24778bad6f66dc74a38caefbe2
Apple Security Advisory 2018-7-23-5
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-5 - watchOS 4.3.1 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4192, CVE-2018-4198, CVE-2018-4201, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383
MD5 | ae4c2d9cc07306103652e9ae805cf2a9
Apple Security Advisory 2018-7-23-3
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-3 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | cisco, apple, ios
advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241
MD5 | 8427cf26d14947f142aa0d01ecf6404a
Apple Security Advisory 2018-7-23-4
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-4 - tvOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383
MD5 | f9796698ca5b3182336a9da609ad4e31
Apple Security Advisory 2018-7-23-2
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-2 - 2018-003 Sierra, Security Update 2018-003 El Capitan addresses buffer overflow, code execution, denial of service, and information leakage vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4141, CVE-2018-4159, CVE-2018-4171, CVE-2018-4184, CVE-2018-4193, CVE-2018-4196, CVE-2018-4198, CVE-2018-4202, CVE-2018-4211, CVE-2018-4219, CVE-2018-4221, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4228, CVE-2018-4229, CVE-2018-4230, CVE-2018-4234, CVE-2018-4235, CVE-2018-4236, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4242, CVE-2018-4243, CVE-2018-4249
MD5 | 9830b2d9ede1a49ea6d6942b0cb9f042
Apple Security Advisory 2018-06-01-6
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-6 - tvOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249
MD5 | e59d809eaa68d48219bc19a35d213a46
Apple Security Advisory 2018-06-01-5
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-5 - watchOS 4.3.1 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4192, CVE-2018-4198, CVE-2018-4201, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249
MD5 | 606ec24936293fd6372748b194424f83
Apple Security Advisory 2018-06-01-4
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-4 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | cisco, apple
advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241
MD5 | fc219795904c819a159600cbcb5fc99d
Apple Security Advisory 2018-06-01-1
Posted Jun 1, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-1 - macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and Security Update 2018-003 El Capitan are now available and address buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4141, CVE-2018-4159, CVE-2018-4171, CVE-2018-4184, CVE-2018-4193, CVE-2018-4196, CVE-2018-4198, CVE-2018-4202, CVE-2018-4211, CVE-2018-4219, CVE-2018-4221, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4228, CVE-2018-4229, CVE-2018-4230, CVE-2018-4234, CVE-2018-4235, CVE-2018-4236, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4242, CVE-2018-4243, CVE-2018-4249
MD5 | 591d6ab332d1f5745686e14a38e681d2
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    16 Files
  • 18
    Sep 18th
    8 Files
  • 19
    Sep 19th
    14 Files
  • 20
    Sep 20th
    20 Files
  • 21
    Sep 21st
    3 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close