what you don't know can hurt you
Showing 26 - 50 of 668 RSS Feed

Operating System: Mac OS X

Red Hat Security Advisory 2017-1479-01
Posted Jun 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1479-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is glibc-side mitigation which blocks processing of LD_LIBRARY_PATH for programs running in secure-execution mode and reduces the number of allocations performed by the processing of LD_AUDIT, LD_PRELOAD, and LD_HWCAP_MASK, making successful exploitation of this issue more difficult.

tags | advisory
systems | linux, redhat, osx
advisories | CVE-2017-1000366
MD5 | 96ed8575b1f88bcd28d167a8cb15d9b2
Parallels Desktop 12.2.0 Virtual Machine Escape
Posted Jun 3, 2017
Authored by Mohammad Reza Espargham | Site twitter.com

Parallels Desktop version 12.2.0 and below suffer from a vulnerability that allows remote file sharing to be leveraged against the host operating system for arbitrary code execution.

tags | exploit, remote, arbitrary, code execution
systems | windows, apple, osx
MD5 | 69a4be4fd7692e5549456f998744139a
Atlassian SourceTree 2.5c Client URL Handler Command Injection
Posted May 4, 2017
Authored by redrain

Atlassian SourceTree Client version 2.5c and prior contain a client URL handler command injection vulnerability that allows attackers to execute specially crafted sourcetree:// commands with arbitrary arguments on multiple platforms.

tags | exploit, advisory, arbitrary, local, vulnerability
systems | linux, windows, apple, osx
MD5 | dc5158c6d9969d6de9329a467ec14160
HideMyAss Pro VPN Client 3.3.0.3 Privilege Escalation
Posted Apr 30, 2017
Authored by Han Sahin

HideMyAss Pro VPN client version 3.3.0.3 for OS X suffers from a helper binary (com.privax.hmaprovpn.helper) local privilege escalation vulnerability.

tags | exploit, local
systems | apple, osx
MD5 | dbab384b2c2cf9076d625633efca65ab
HideMyAss Pro VPN Client 2.2.7.0 Privilege Escalation
Posted Apr 29, 2017
Authored by Han Sahin

HideMyAss Pro VPN client version 2.2.7.0 for OS X suffers from a helper binary (HMAHelper) local privilege escalation vulnerability.

tags | exploit, local
systems | apple, osx
MD5 | 4e9c69f81809b928fa5fb9a01e6fd6c7
GNS3 Mac OS-X 1.5.2 ubridge Privilege Escalation
Posted Apr 14, 2017
Authored by Hacker Fantastic

GNS3 Mac OS-X version 1.5.2 ubridge privilege escalation exploit.

tags | exploit
systems | apple, osx
MD5 | dec70585733d3d532b738a209e7812a3
Cisco Security Advisory 20170322-l2tp
Posted Mar 22, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service, protocol
systems | cisco, osx
advisories | CVE-2017-3857
MD5 | 8e211358e033468251f63614e5b2fb40
Cisco Security Advisory 20170322-dhcpc
Posted Mar 22, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the DHCP client implementation of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco, osx
advisories | CVE-2017-3864
MD5 | 93df32052601d328373b0ac491815e96
Red Hat Security Advisory 2017-0680-01
Posted Mar 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0680-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat, osx
advisories | CVE-2014-9761, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779
MD5 | 1ecabbc72c7b60a99fde956929c63e70
Cisco Security Advisory 20170317-cmp
Posted Mar 17, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and The incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, arbitrary, local, protocol
systems | cisco, osx
advisories | CVE-2017-3881
MD5 | e95dfb301f191a5ec25fd4391f2377a8
Cisco Security Response 20170214-smi
Posted Feb 15, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Response - Several researchers have reported on the use of Smart Install (SMI) protocol messages toward Smart Install clients, also known as integrated branch clients (IBC), allowing an unauthenticated, remote attacker to change the startup-config file and force a reload of the device, upgrade the IOS image on the device, and execute high-privilege CLI commands on switches running Cisco IOS and IOS XE Software. Cisco does not consider this a vulnerability in Cisco IOS, IOS XE, or the Smart Install feature itself but a misuse of the Smart Install protocol that by design does not require authentication.

tags | advisory, remote, protocol
systems | cisco, osx, ios
MD5 | c96bbaa757e47e6830e465936de741d3
Debian Security Advisory 3778-1
Posted Feb 1, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3778-1 - Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.

tags | advisory, arbitrary, ruby
systems | linux, debian, osx
advisories | CVE-2016-10173
MD5 | b910898d8052c81fee3aa14c5a0848f5
Mac OS / iOS syslogd Arbitrary Port Replacement
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

syslogd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7660
MD5 | 8eb7916a048ecdbb23dee2bb2a35b379
Mac OS X / iOS Missing Error Check Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

A lack of error checking leads to a reference count leak and OS X / iOS kernel use-after-free vulnerability in _kernelrpc_mach_port_insert_right_trap.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7621
MD5 | 2dfcf68cd51acc4fa50dafc6d021feb4
Mac OS / iOS Privileged Port Name Replacement
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

A broken kernel mach port name uref handling on iOS and Mac OS can lead to privileged port name replacement in other processes.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7637
MD5 | 3a001d596093a86e7bb1c9f6ff060a77
Mac OS X / iOS ipc_port_t Reference Count Leak / Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

There is an ipc_port_t reference count leak due to incorrect externalMethod overrides that lead to a Mac OS X / iOS kernel use-after-free vulnerability.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7612
MD5 | c1a88972c2e7188bba733c5fcecbbb8b
Red Hat Security Advisory 2016-2573-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2573-02 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution.

tags | advisory, overflow, code execution
systems | linux, redhat, osx
advisories | CVE-2016-3075
MD5 | a6f6d5517d89fb0a51eaeb83b0408e75
Mac OS X 10.11.6 launchd Message Control
Posted Oct 29, 2016
Authored by Google Security Research, ianbeer

A logic issue in launchd message requeuing allows arbitrary mach message control. Mac OS X version 10.11.6 is affected.

tags | advisory, arbitrary
systems | apple, osx
advisories | CVE-2016-4675
MD5 | 535e9aa8ea1d3f66f7673b23668db025
Mac OS X / iOS mach_ports_register Memory Safety Issues
Posted Oct 29, 2016
Authored by Google Security Research, ianbeer

Multiple memory safety issues exist in Mac OS X and iOS inside of mach_ports_register.

tags | exploit
systems | cisco, apple, osx, ios
advisories | CVE-2016-4669
MD5 | f07634e9d84bf8ba6bb3b4515e3d8ada
VMware Security Advisory 2016-0017
Posted Oct 26, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0017 - VMware product updates address information disclosure issues in VMware Fusion and VMware Tools running on Mac OS X.

tags | advisory, info disclosure
systems | apple, osx
advisories | CVE-2016-5328, CVE-2016-5329
MD5 | b2a2ee431c2950df3b33db5e02601785
Mac OS X / iOS IOSurface Use-After-Free
Posted Oct 25, 2016
Authored by Google Security Research, ianbeer

Mac OS X and iOS kernels suffer from a use-after-free vulnerability in IOSurface.

tags | exploit, kernel
systems | cisco, apple, osx, ios
advisories | CVE-2016-4625
MD5 | 2283c84309c30c849907e3df36c1e0c6
Mac OS X Kernel IOBluetoothFamily.kext Use-After-Free
Posted Oct 25, 2016
Authored by Google Security Research, ianbeer

The Mac OS X kernel suffers from a use-after-free vulnerability. in IOBluetoothFamily.kext.

tags | exploit, kernel
systems | apple, osx
advisories | CVE-2016-1863
MD5 | a276e72f348ef8cbf953c244afbf8b4d
Cisco Security Advisory 20160928-smi
Posted Sep 29, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a memory leak and eventual denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of image list parameters. An attacker could exploit this vulnerability by sending crafted Smart Install packets to TCP port 4786. A successful exploit could cause a Cisco Catalyst switch to leak memory and eventually reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability other than disabling Smart Install functionality on the affected device.

tags | advisory, remote, denial of service, tcp, memory leak
systems | cisco, osx
MD5 | f4a1186c6866c8953658abc16723759c
Cisco Security Advisory 20160928-msdp
Posted Sep 29, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities in the multicast subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The issues are in IPv4 Multicast Source Discovery Protocol (MSDP) and IPv6 Protocol Independent Multicast (PIM). The first vulnerability (Cisco bug ID CSCud36767) is due to insufficient checking of MSDP Source-Active (SA) messages received from a configured MSDP peer. An attacker who can send traffic to the IPv4 address of a device could exploit this vulnerability by sending a packet designed to trigger the issue to the affected device. A successful exploit could cause the affected device to restart. The second vulnerability (Cisco bug ID CSCuy16399) is due to insufficient checking of packets encapsulated in a PIM register message. An attacker who can send a malformed IPv6 PIM register packet to a PIM rendezvous point (RP) could exploit the vulnerability. A successful exploit could cause the affected device to restart. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, protocol
systems | cisco, osx
MD5 | 43cc4297092d1bd5caa70fda605ff287
Cisco Security Advisory 20160928-ios-ikev1
Posted Sep 29, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected system. The vulnerability is due to the improper handling of crafted, fragmented IKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, udp
systems | cisco, osx
MD5 | 2c70f7682ae53942ec87823035a10378
Page 2 of 27
Back12345Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    9 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close