Twenty Year Anniversary
Showing 76 - 100 of 653 RSS Feed

Operating System: Mac OS X

Apple Security Advisory 2015-12-08-3
Posted Dec 10, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-12-08-3 - OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses 54 vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-2895, CVE-2012-0876, CVE-2012-1147, CVE-2012-1148, CVE-2015-3807, CVE-2015-5333, CVE-2015-5334, CVE-2015-6908, CVE-2015-7001, CVE-2015-7038, CVE-2015-7039, CVE-2015-7040, CVE-2015-7041, CVE-2015-7042, CVE-2015-7043, CVE-2015-7044, CVE-2015-7045, CVE-2015-7046, CVE-2015-7047, CVE-2015-7052, CVE-2015-7053, CVE-2015-7054, CVE-2015-7058, CVE-2015-7059, CVE-2015-7060, CVE-2015-7061, CVE-2015-7062, CVE-2015-7063
MD5 | a3dfdb84b85b00741b1c089a33944dfe
Red Hat Security Advisory 2015-2589-01
Posted Dec 9, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2589-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap. A local attacker could potentially use this flaw to execute arbitrary code on the system. It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data.

tags | advisory, arbitrary, local, info disclosure
systems | linux, redhat, osx
advisories | CVE-2013-7423, CVE-2015-1472, CVE-2015-1473, CVE-2015-1781, CVE-2015-5277
MD5 | 19cba1476d7eb01430fcb1c63abd9f4d
Mac OS X 10.11 FTS Buffer Overflow
Posted Dec 8, 2015
Authored by Maksymilian Arciemowicz

Mac OS X version 10.11 suffered from an FTS deep structure of the file system buffer overflow vulnerability.

tags | exploit, overflow
systems | apple, osx
advisories | CVE-2010-0105, CVE-2013-6799, CVE-2014-4433, CVE-2014-4434
MD5 | 675fdc1af0d659351253897581e4b48f
Zed Attack Proxy 2.4.3 Mac OS X Release
Posted Dec 5, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Various updates.
tags | tool, web, vulnerability
systems | apple, osx
MD5 | c3c2d165042c07a633a09351438e294d
Red Hat Security Advisory 2015-2172-01
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2172-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap in certain cases. A local attacker could potentially use this flaw to escalate their privileges.

tags | advisory, local
systems | linux, redhat, osx
advisories | CVE-2015-5277
MD5 | 5a2d5495061f0d8393e5fc76051420f8
Red Hat Security Advisory 2015-2199-07
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2199-07 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data.

tags | advisory, info disclosure
systems | linux, redhat, osx
advisories | CVE-2013-7423, CVE-2015-1472, CVE-2015-1473, CVE-2015-1781
MD5 | 172d662a824a537a6efe1d8c277fd6e6
Mac OS X 10.9.5 / 10.10.5 rsh/libmalloc Privilege Escalation
Posted Oct 27, 2015
Authored by rebel, shandelman116 | Site metasploit.com

This Metasploit module writes to the sudoers file without root access by exploiting rsh and malloc log files. Makes sudo require no password, giving access to su even if root is disabled. Works on OS X 10.9.5 to 10.10.5 (patched on 10.11).

tags | exploit, root
systems | apple, osx
advisories | CVE-2015-5889
MD5 | dc4258c8896b5eff92876ba20f531ffd
Safari User-Assisted Applescript Exec Attack
Posted Oct 23, 2015
Authored by joev | Site metasploit.com

In versions of Mac OS X before 10.11.1, the applescript:// URL scheme is provided, which opens the provided script in the Applescript Editor. Pressing cmd-R in the Editor executes the code without any additional confirmation from the user. By getting the user to press cmd-R in Safari, and by hooking the cmd-key keypress event, a user can be tricked into running arbitrary Applescript code. Gatekeeper should be disabled from Security and Privacy in order to avoid the unidentified Developer prompt.

tags | exploit, arbitrary
systems | apple, osx
advisories | CVE-2015-7007
MD5 | 89e9bb2d3aa0c450f7ded6ee07b500b6
Apple Security Advisory 2015-10-21-8
Posted Oct 21, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-10-21-8 - OS X Server 5.0.15 is now available and addresses BIND and bypass vulnerabilities.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2015-5722, CVE-2015-5986, CVE-2015-7031
MD5 | 89d74c687550d2db47b44e8180b3b8a4
Apple Security Advisory 2015-10-21-4
Posted Oct 21, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-10-21-4 - OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address memory corruption, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, osx
advisories | CVE-2012-6151, CVE-2014-3565, CVE-2015-0235, CVE-2015-0273, CVE-2015-5924, CVE-2015-5925, CVE-2015-5926, CVE-2015-5927, CVE-2015-5932, CVE-2015-5933, CVE-2015-5934, CVE-2015-5935, CVE-2015-5936, CVE-2015-5937, CVE-2015-5938, CVE-2015-5939, CVE-2015-5940, CVE-2015-5942, CVE-2015-5943, CVE-2015-5944, CVE-2015-5945, CVE-2015-6563, CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838, CVE-2015-6974
MD5 | ddfe1ba6973f061438e1225d2ce48206
issetugid() + rsh + libmalloc OS X Local Root
Posted Oct 3, 2015
Authored by Philip Pettersson

The default root-suid binary /usr/bin/rsh on Mac OS X uses execv() in an insecure manner. /usr/bin/rsh will invoke /usr/bin/rlogin if launched with only a host argument, without dropping privileges or clearing the environment. This exploit will pass "MallocLogFile" to /usr/bin/rsh, which is then passed on to rlogin and interpreted by libmalloc to create a root-owned file with partially controlled contents at /etc/crontab which gives a rootshell via sudo. Tested on 10.9.5 / 10.10.5 but it most likely works on much older versions too.

tags | exploit, root
systems | apple, osx
advisories | CVE-2015-5889
MD5 | 81acf0e43a571e81418379cca28b84a9
Apple Security Advisory 2015-09-30-03
Posted Oct 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-09-30-03 - OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2013-3951, CVE-2014-2532, CVE-2014-3618, CVE-2014-6277, CVE-2014-7186, CVE-2014-7187, CVE-2014-8080, CVE-2014-8090, CVE-2014-8146, CVE-2014-8147, CVE-2014-8611, CVE-2014-9425, CVE-2014-9427, CVE-2014-9652, CVE-2014-9705, CVE-2014-9709, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-0286, CVE-2015-0287, CVE-2015-1351, CVE-2015-1352, CVE-2015-1855, CVE-2015-2301, CVE-2015-2305, CVE-2015-2331
MD5 | 394e001ee3e97a0e28026a7e3dd1db7f
Dropbox FinderLoadBundle OS X Local Root Exploit
Posted Oct 1, 2015
Authored by cenobyte

The setuid root FinderLoadBundle that was included in older DropboxHelperTools versions for OS X allows loading of dynamically linked shared libraries that are residing in the same directory. The directory in which FinderLoadBundle is located is owned by root and that prevents placing arbitrary files there. But creating a hard link from FinderLoadBundle to somewhere in a directory in /tmp circumvents that protection thus making it possible to load a shared library containing a payload which creates a root shell.

tags | exploit, arbitrary, shell, root
systems | apple, osx
MD5 | 04b4586c44bb0dd781367933375dfb86
Cisco AnyConnect DMG Install Script Privilege Escalation
Posted Sep 24, 2015
Authored by Yorick Koster, Securify B.V.

Cisco AnyConnect Secure Mobility Client for OS X is affected by a vulnerability that allows local attackers to mount arbitrary DMG files at arbitrary mount points. By exploiting this vulnerability is is possible for the attacker to gain root privileges. Cisco reports that a similar issue also exists in Cisco AnyConnect Secure Mobility Client for Linux.

tags | exploit, arbitrary, local, root
systems | cisco, linux, apple, osx
advisories | CVE-2015-6306
MD5 | 8be68890167456b9dd0967051312157e
Cisco Security Advisory 20150923-iosxe
Posted Sep 24, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the processing of IPv4 packets that require Network Address Translation (NAT) and Multiprotocol Label Switching (MPLS) services of Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4300 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper processing of IPv4 packets that require NAT and MPLS processing. An attacker could exploit this vulnerability by sending an IPv4 packet to be processed by a Cisco IOS XE device configured to perform NAT and MPLS services. A successful exploit could allow the attacker to cause a reload of the affected device. Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate this vulnerability.

tags | advisory, remote, vulnerability
systems | cisco, osx
MD5 | 34fb007e6442e42607ed8b3c0eb42725
Cisco Security Advisory 20150923-sshpk
Posted Sep 24, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the SSH version 2 (SSHv2) protocol implementation of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass user authentication. Successful exploitation could allow the attacker to log in with the privileges of the user or the privileges configured for the Virtual Teletype (VTY) line. Depending on the configuration of the user and of the vty line, the attacker may obtain administrative privileges on the system. The attacker cannot use this vulnerability to elevate privileges. The attacker must know a valid username configured for RSA-based user authentication and the public key configured for that user to exploit this vulnerability. This vulnerability affects only devices configured for public key authentication method, also known as RSA-based user authentication feature. Cisco has released software updates that address this vulnerability. Workarounds for this vulnerability are not available; however administrators could temporarily disable RSA-based user authentication to avoid exploitation.

tags | advisory, remote, protocol
systems | cisco, osx
MD5 | ce8dba8eeb58f67eedfc9efd57490413
Cisco Security Advisory 20150923-fhs
Posted Sep 24, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities.

tags | advisory, remote, vulnerability
systems | cisco, osx
MD5 | 455c9079f8dedf23a5b45bc998707c4a
OS X Regex Engine Integer Signedness / Overflow
Posted Sep 23, 2015
Authored by Google Security Research, ianbeer

OS X Regex Engine (TRE) suffers from integer signedness and overflow issues.

tags | exploit, overflow
systems | linux, apple, osx
advisories | CVE-2015-3798
MD5 | b3e63f40edf650e945be050b95cee62d
OS X Regex Engine Stack Buffer Overflow
Posted Sep 23, 2015
Authored by Google Security Research, ianbeer

OS X Regex Engine (TRE) suffers from a stack buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, apple, osx
advisories | CVE-2015-3796
MD5 | f85a0765d88cae33afc0a1351323e720
OS X Regex Engine Bad Alloca
Posted Sep 22, 2015
Authored by Google Security Research, ianbeer

The OS X regex engine (TRE) uses the alloca function in a few places, sometimes where an attacker can partially control the size.

tags | exploit
systems | linux, apple, osx
advisories | CVE-2015-3797
MD5 | 37f4dcb64834686e35367244c95a0809
Apple Security Advisory 2015-09-16-4
Posted Sep 19, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-09-16-4 - OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-5704, CVE-2014-0067, CVE-2014-3581, CVE-2014-3583, CVE-2014-8109, CVE-2014-8161, CVE-2014-8500, CVE-2015-0228, CVE-2015-0241, CVE-2015-0242, CVE-2015-0243, CVE-2015-0244, CVE-2015-0253, CVE-2015-1349, CVE-2015-3165, CVE-2015-3166, CVE-2015-3167, CVE-2015-3183, CVE-2015-3185, CVE-2015-5911
MD5 | 9208ba697cec7d9ca5072fe06e1469d3
OS X IOKit Kernel Memory Corruption
Posted Sep 18, 2015
Authored by Google Security Research, ianbeer

An OS X IOKit kernel memory corruption issue occurs due to a bad bzero in IOBluetoothDevice.

tags | exploit, kernel
systems | linux, apple, osx
advisories | CVE-2014-8836
MD5 | be89e142f6fbb107f137d490b98a4d33
Zed Attack Proxy 2.4.2 Mac OS X Release
Posted Sep 9, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Various updates.
tags | tool, web, vulnerability
systems | apple, osx
MD5 | 5017d53f6bb5810d3c9f7f30ec648836
Disconnect.me 2.0 Local Root Exploit
Posted Sep 8, 2015
Authored by Kristian Hermansen

Disconnect.me versions 2.0 and below suffer from a local privilege escalation vulnerability on Mac OS X.

tags | exploit, local
systems | apple, osx
MD5 | 241107c5fff1b5e8ea574486022d681e
OS X x64 /bin/sh Shellcode
Posted Sep 2, 2015
Authored by Csaba Fitzl

34 bytes small NULL byte free OS X x64 /bin/sh shellcode.

tags | shellcode
systems | apple, osx
MD5 | a3acc83e3c82166d8beeb36642e5f233
Page 4 of 27
Back23456Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close