what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 126 - 150 of 691 RSS Feed

Operating System: Mac OS X

Dropbox FinderLoadBundle OS X Local Root Exploit
Posted Oct 1, 2015
Authored by cenobyte

The setuid root FinderLoadBundle that was included in older DropboxHelperTools versions for OS X allows loading of dynamically linked shared libraries that are residing in the same directory. The directory in which FinderLoadBundle is located is owned by root and that prevents placing arbitrary files there. But creating a hard link from FinderLoadBundle to somewhere in a directory in /tmp circumvents that protection thus making it possible to load a shared library containing a payload which creates a root shell.

tags | exploit, arbitrary, shell, root
systems | apple, osx
SHA-256 | 2fe41a90799fee4a1fce5da2d6dcba950035afb15b2c3fe6f1dcec5f37e1a3a0
Cisco AnyConnect DMG Install Script Privilege Escalation
Posted Sep 24, 2015
Authored by Yorick Koster, Securify B.V.

Cisco AnyConnect Secure Mobility Client for OS X is affected by a vulnerability that allows local attackers to mount arbitrary DMG files at arbitrary mount points. By exploiting this vulnerability is is possible for the attacker to gain root privileges. Cisco reports that a similar issue also exists in Cisco AnyConnect Secure Mobility Client for Linux.

tags | exploit, arbitrary, local, root
systems | cisco, linux, apple, osx
advisories | CVE-2015-6306
SHA-256 | 66660159f211f495d60f7ca1acea5dbe4e444722621da4f69354d6747a67fc1b
Cisco Security Advisory 20150923-iosxe
Posted Sep 24, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the processing of IPv4 packets that require Network Address Translation (NAT) and Multiprotocol Label Switching (MPLS) services of Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4300 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper processing of IPv4 packets that require NAT and MPLS processing. An attacker could exploit this vulnerability by sending an IPv4 packet to be processed by a Cisco IOS XE device configured to perform NAT and MPLS services. A successful exploit could allow the attacker to cause a reload of the affected device. Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate this vulnerability.

tags | advisory, remote, vulnerability
systems | cisco, osx
SHA-256 | 426911a2340b77ce46c2ba99fd3f3b7030de0d1d02a5d5585ee5a5138cc0f294
Cisco Security Advisory 20150923-sshpk
Posted Sep 24, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the SSH version 2 (SSHv2) protocol implementation of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass user authentication. Successful exploitation could allow the attacker to log in with the privileges of the user or the privileges configured for the Virtual Teletype (VTY) line. Depending on the configuration of the user and of the vty line, the attacker may obtain administrative privileges on the system. The attacker cannot use this vulnerability to elevate privileges. The attacker must know a valid username configured for RSA-based user authentication and the public key configured for that user to exploit this vulnerability. This vulnerability affects only devices configured for public key authentication method, also known as RSA-based user authentication feature. Cisco has released software updates that address this vulnerability. Workarounds for this vulnerability are not available; however administrators could temporarily disable RSA-based user authentication to avoid exploitation.

tags | advisory, remote, protocol
systems | cisco, osx
SHA-256 | 6bb5a45a2fbd512ed3aa4d90ff71881a50ad9af02083391db8eaf255a2cc93bb
Cisco Security Advisory 20150923-fhs
Posted Sep 24, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two vulnerabilities in the IPv6 first hop security feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities.

tags | advisory, remote, vulnerability
systems | cisco, osx
SHA-256 | e1f2da6fedc66d63bb64c173c44f2ac66b96073b0f040599afe50fd556f7059a
OS X Regex Engine Integer Signedness / Overflow
Posted Sep 23, 2015
Authored by Google Security Research, Ian Beer

OS X Regex Engine (TRE) suffers from integer signedness and overflow issues.

tags | exploit, overflow
systems | linux, apple, osx
advisories | CVE-2015-3798
SHA-256 | c4c0f4887f90a7b044ece2c30e99c3551cdccd98d07ef1bb542fc7bca4fc060e
OS X Regex Engine Stack Buffer Overflow
Posted Sep 23, 2015
Authored by Google Security Research, Ian Beer

OS X Regex Engine (TRE) suffers from a stack buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, apple, osx
advisories | CVE-2015-3796
SHA-256 | 5ad1dbca55084a0bde0fa1fbe2614f5806fada2f7a3afbc24bc91426dba68011
OS X Regex Engine Bad Alloca
Posted Sep 22, 2015
Authored by Google Security Research, Ian Beer

The OS X regex engine (TRE) uses the alloca function in a few places, sometimes where an attacker can partially control the size.

tags | exploit
systems | linux, apple, osx
advisories | CVE-2015-3797
SHA-256 | 4892e0cd6b0f4549272861144a2d62b719c14ab2eeb90564785bc88c25656d6e
Apple Security Advisory 2015-09-16-4
Posted Sep 19, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-09-16-4 - OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-5704, CVE-2014-0067, CVE-2014-3581, CVE-2014-3583, CVE-2014-8109, CVE-2014-8161, CVE-2014-8500, CVE-2015-0228, CVE-2015-0241, CVE-2015-0242, CVE-2015-0243, CVE-2015-0244, CVE-2015-0253, CVE-2015-1349, CVE-2015-3165, CVE-2015-3166, CVE-2015-3167, CVE-2015-3183, CVE-2015-3185, CVE-2015-5911
SHA-256 | 8254c8d55f2667e65687c75dc0e4ebbbd127b907729adba11b4a141d12fc30b2
OS X IOKit Kernel Memory Corruption
Posted Sep 18, 2015
Authored by Google Security Research, Ian Beer

An OS X IOKit kernel memory corruption issue occurs due to a bad bzero in IOBluetoothDevice.

tags | exploit, kernel
systems | linux, apple, osx
advisories | CVE-2014-8836
SHA-256 | f3d2f3b8051f90b86f0cfd263f09f98a7e0e04c1e1fcff20c13e3ca8f318052c
Zed Attack Proxy 2.4.2 Mac OS X Release
Posted Sep 9, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Various updates.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | b6d8f3a9632ab99bae4097084df74efd2321c22182aff3a119dd1e69ecc69a63
Disconnect.me 2.0 Local Root Exploit
Posted Sep 8, 2015
Authored by Kristian Hermansen

Disconnect.me versions 2.0 and below suffer from a local privilege escalation vulnerability on Mac OS X.

tags | exploit, local
systems | apple, osx
SHA-256 | c9dbb506c64347ed7c7856a009d1aaf86f85e2756fd4d256803477716b89bdec
OS X x64 /bin/sh Shellcode
Posted Sep 2, 2015
Authored by Csaba Fitzl

34 bytes small NULL byte free OS X x64 /bin/sh shellcode.

tags | shellcode
systems | apple, osx
SHA-256 | 62604cfda35d5ea48e784d6b5bfb83d4ce2aa61f09505d7ee7a39833737dc0ef
Red Hat Security Advisory 2015-1627-01
Posted Aug 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1627-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. An invalid free flaw was found in glibc's getaddrinfo() function when used with the AI_IDN flag. A remote attacker able to make an application call this function could use this flaw to execute arbitrary code with the permissions of the user running the application. Note that this flaw only affected applications using glibc compiled with libidn support.

tags | advisory, remote, arbitrary
systems | linux, redhat, osx
advisories | CVE-2013-7424
SHA-256 | 09824f32e3805a9e1048366162b64a1f26104e46bb0ac50ac2b3cfa92168bbeb
Apple Security Advisory 2015-08-13-4
Posted Aug 13, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-13-4 - OS X Server v4.1.5 is now available and addresses a BIND related denial of service vulnerability.

tags | advisory, denial of service
systems | apple, osx
advisories | CVE-2015-5477
SHA-256 | f5e6c2b5a0d5ca19d92a278a308911b7cb4cc61a13ba12f4a9b43825f1a463cf
Apple Security Advisory 2015-08-13-2
Posted Aug 13, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-13-2 - OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIController, and more.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2009-5044, CVE-2009-5078, CVE-2012-6685, CVE-2013-1775, CVE-2013-1776, CVE-2013-2776, CVE-2013-2777, CVE-2013-7040, CVE-2013-7338, CVE-2013-7422, CVE-2014-0067, CVE-2014-0106, CVE-2014-0191, CVE-2014-1912, CVE-2014-3581, CVE-2014-3583, CVE-2014-3613, CVE-2014-3620, CVE-2014-3660, CVE-2014-3707, CVE-2014-7185, CVE-2014-7844, CVE-2014-8109, CVE-2014-8150, CVE-2014-8151, CVE-2014-8161, CVE-2014-8767, CVE-2014-8769
SHA-256 | 1ccd5f307af57152abb6e4f0da773ca4420fb7a6e98f26301366a9071ecc9a33
Zed Attack Proxy 2.4.1 Mac OS X Release
Posted Aug 5, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Various updates.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | 98c9cab401dd95c021ee32cf4030aa63a64f08a82c6fe0d2493663e3c6e1c5a3
OS X Keychain EXC_BAD_ACCESS Denial Of Service
Posted Aug 4, 2015
Authored by Juan Sacco

Mac OS X 10.10.4 (Yosemite) suffers from a keychain-related denial of service vulnerability.

tags | exploit, denial of service
systems | apple, osx
SHA-256 | 5e5264989ee711ea2cf1f4508b6d73169a2f88b72a97de4b2be4e77d5bfb3214
Cisco Security Advisory 20150730-asr1k
Posted Aug 3, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the code handling the reassembly of fragmented IP version 4 (IPv4) or IP version 6 (IPv6) packets of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a crash of the Embedded Services Processor (ESP) processing the packet. The vulnerability is due to improper processing of crafted, fragmented packets. An attacker could exploit this vulnerability by sending a crafted sequence of fragmented packets. An exploit could allow the attacker to cause a reload of the affected platform. Cisco has released software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.

tags | advisory, remote
systems | cisco, osx
SHA-256 | 927bb8bedea60ec82b1e53204a9f62223814ed18dd75bae126ded3c6b1eec619
Apple OS X DYLD_PRINT_TO_FILE Privilege Escalation
Posted Jul 23, 2015
Authored by Stefan Esser, joev | Site metasploit.com

In Apple OS X 10.10.4 and prior, the DYLD_PRINT_TO_FILE environment variable is used for redirecting logging data to a file instead of stderr. Due to a design error, this feature can be abused by a local attacker to write arbitrary files as root via restricted, SUID-root binaries.

tags | exploit, arbitrary, local, root
systems | apple, osx
SHA-256 | 5f8a24055c7eacceccce25d80da65ff0a662a967a7f926c2fe621369f5e41ae2
Cisco Security Advisory 20150722-tftp
Posted Jul 22, 2015
Site cisco.com

cisco-sa-2015722-tftp.txt - A vulnerability in the TFTP server feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The TFTP server feature is not enabled by default. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, remote, denial of service
systems | cisco, osx
SHA-256 | 658481621117b1e5ad4720664e9f121c4ec0623b5bc76430db620a3e6fc56afc
OS X 10.10 DYLD_PRINT_TO_FILE Privilege Escalation
Posted Jul 22, 2015
Authored by Stefan Esser

OS X version 10.10 DYLD_PRINT_TO_FILE local privilege escalation proof of concept exploit.

tags | exploit, local, proof of concept
systems | apple, osx
SHA-256 | 54d151a0576992acbdfc4330c685be0f33834016156eaf6b60eb50e760abfc0c
Apple Security Advisory 2015-06-30-2
Posted Jul 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-06-30-2 - OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address privilege escalation, arbitrary code execution, access bypass, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-1741, CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2015-0209, CVE-2015-0235, CVE-2015-0273, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293, CVE-2015-1157, CVE-2015-1798, CVE-2015-1799, CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, CVE-2015-3668, CVE-2015-3671, CVE-2015-3672, CVE-2015-3673
SHA-256 | 36670a2c92a10eed9caf9afd9dd5f818e184e427c1eddb4da037e0aebc712907
Unauthorized Cross-App Resource Access On Mac OS X And iOS
Posted Jun 17, 2015
Authored by XiaoFeng Wang, Xiaojing Liao, Kai Chen, Luyi Xing, Xiaolong Bai, Tongxin Li

The research in this paper leads to the discovery of a series of high-impact security weaknesses, which enable a sandboxed malicious app, approved by the Apple Store, to gain unauthorized access to other apps' sensitive data. More specifically, the researchers found that the inter-app interaction services, including the keychain and WebSocket on OS X and URL Scheme on OS X and iOS, can all be exploited by the malware to steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote.

tags | paper
systems | cisco, apple, osx, ios
SHA-256 | ece3215f1041638c7e80717f3528c48fffb5d9d0f9b925cd46938a293c3d9f4f
Cisco Security Advisory 20150611-iosxr
Posted Jun 11, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the IP version 6 (IPv6) processing code of Cisco IOS XR Software for Cisco CRS-3 Carrier Routing System could allow an unauthenticated, remote attacker to trigger an ASIC scan of the Network Processor Unit (NPU) and a reload of the line card processing an IPv6 packet. The vulnerability is due to incorrect processing of an IPv6 packet carrying IPv6 extension headers that are valid but unlikely to be seen during normal operation. An attacker could exploit this vulnerability by sending such an IPv6 packet to an affected device that is configured to process IPv6 traffic. An exploit could allow the attacker to cause a reload of the line card, resulting in a DoS condition. Cisco has released free software updates that address this vulnerability. There is no workaround that mitigates this vulnerability.

tags | advisory, remote
systems | cisco, osx
SHA-256 | e56b00b94f7935d03ca8b85ffb3a47abd5d4c85aedc4c8a4a169c488060e8544
Page 6 of 28
Back45678Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close