exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

CVE-2018-4237

Status Candidate

Overview

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logic error.

Related Files

Mac OS X libxpc MITM Privilege Escalation
Posted Nov 28, 2018
Authored by saelo | Site metasploit.com

This Metasploit module exploits a vulnerability in libxpc on macOS versions 10.13.3 and below. The task_set_special_port API allows callers to overwrite their bootstrap port, which is used to communicate with launchd. This port is inherited across forks: child processes will use the same bootstrap port as the parent. By overwriting the bootstrap port and forking a child processes, we can now gain a MitM position between our child and launchd. To gain root we target the sudo binary and intercept its communication with opendirectoryd, which is used by sudo to verify credentials. We modify the replies from opendirectoryd to make it look like our password was valid.

tags | exploit, root
advisories | CVE-2018-4237
MD5 | 45269b24778bad6f66dc74a38caefbe2
Apple Security Advisory 2018-7-23-5
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-5 - watchOS 4.3.1 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4192, CVE-2018-4198, CVE-2018-4201, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383
MD5 | ae4c2d9cc07306103652e9ae805cf2a9
Apple Security Advisory 2018-7-23-3
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-3 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | cisco, apple, ios
advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241
MD5 | 8427cf26d14947f142aa0d01ecf6404a
Apple Security Advisory 2018-7-23-4
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-4 - tvOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383
MD5 | f9796698ca5b3182336a9da609ad4e31
Apple Security Advisory 2018-7-23-2
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-2 - 2018-003 Sierra, Security Update 2018-003 El Capitan addresses buffer overflow, code execution, denial of service, and information leakage vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4141, CVE-2018-4159, CVE-2018-4171, CVE-2018-4184, CVE-2018-4193, CVE-2018-4196, CVE-2018-4198, CVE-2018-4202, CVE-2018-4211, CVE-2018-4219, CVE-2018-4221, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4228, CVE-2018-4229, CVE-2018-4230, CVE-2018-4234, CVE-2018-4235, CVE-2018-4236, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4242, CVE-2018-4243, CVE-2018-4249
MD5 | 9830b2d9ede1a49ea6d6942b0cb9f042
Apple Security Advisory 2018-06-01-6
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-6 - tvOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249
MD5 | e59d809eaa68d48219bc19a35d213a46
Apple Security Advisory 2018-06-01-5
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-5 - watchOS 4.3.1 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4192, CVE-2018-4198, CVE-2018-4201, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249
MD5 | 606ec24936293fd6372748b194424f83
Apple Security Advisory 2018-06-01-4
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-4 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | cisco, apple
advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241
MD5 | fc219795904c819a159600cbcb5fc99d
Apple Security Advisory 2018-06-01-1
Posted Jun 1, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-1 - macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and Security Update 2018-003 El Capitan are now available and address buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2018-4141, CVE-2018-4159, CVE-2018-4171, CVE-2018-4184, CVE-2018-4193, CVE-2018-4196, CVE-2018-4198, CVE-2018-4202, CVE-2018-4211, CVE-2018-4219, CVE-2018-4221, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4228, CVE-2018-4229, CVE-2018-4230, CVE-2018-4234, CVE-2018-4235, CVE-2018-4236, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4242, CVE-2018-4243, CVE-2018-4249
MD5 | 591d6ab332d1f5745686e14a38e681d2
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close