Sourcetree suffers from multiple remote code execution vulnerabilities related to git submodules and argument injection. macOS versions 1.0b2 up to 2.7.6 and Windows versions 0.5.1.0 up to 2.6.10 are affected.
cde4d25e68a273c6d5c20d3578cda77f6c048e35cf3936b680f4f3eaecbffdd7
Remote exploit for the Unreal game engine for Windows, MacOS, and Linux that makes use of a format string bug. This proof-of-concept is a proxy server able to modify the Unreal packets in real-time allowing the insertion of %n into the class names sent by the client to the server causing the remote crash. Games affected: America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, Tactical Ops, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, and XIII.
87f327452ec46e6b01fe3b3812aa44923bf4c03bcf59360267ddca9d1b307e79
Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.
0389286b9521691014e34e17612c2dcfe8bd007f7ea4a673870e7418734fa223
The Unreal game engine for Windows, MacOS, and Linux has a format string bug that allows an attacker to remotely crash or execute malicious code on the server. Games affected: America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, Tactical Ops, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, and XIII.
e0ba75525b76f3a8f0df41fe6ab0de28307f96f2564e4076dce7b1591c77c934
Red Faction versions 1.20 and below for Windows and MacOS is susceptible to a buffer overflow client-side.
0d23110c88e8d9c7c911aebf57b21d8ab68ac87a39911f38102ece3b8015a52c
Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.
bc0e8606560421ac048a819458d51837d40ddf66dac82615455a6249ac91535a
Access Point Utilities for Unix is a set of utilities that configure and monitor a Wireless Access Point under Unix. It is known to compile (with GCC and the IBM C compiler) and run under Linux, FreeBSD, OpenBSD, MacOS X, AIX, and QNX.
450841067ef99c99f5e9815e58113334b25e1619a4fdc1263a93d810a9cfd8c9
It is possible to cause a denial of service attack against the SecurityServer daemon in MacOS X, MacOS X Server, and Darwin by unlocking a locked keychain and specifying a very long password.
a3653aefeca3ecafb4c185983e02665e6bbf3fc54e93bfd64cdf5df740dd80e9
Arping is an arp level ping utility which broadcasts a who-has ARP packet on the network and prints answers. Very useful when you are trying to pick an unused IP for a net that you don't yet have routing to, or to ping an ethernet address directly. Tested on Linux, {Free,Net,Open}BSD, MacOS X, and Solaris.
0e5dbf5e869c1139029b8bddb195e1f07112372d3fc6a8cd531dd8f298bfd15a
The screen saver that comes with MacOSX crashes when an large amount of characters are entered and then the return key is pressed. At this point, access to the desktop is achieved.
580c1aa4b027ccdd05e8525a8ed42272ff29b6f6fedab5539018ad21fadd994c
Atstake Security Advisory A041003-1 - MacOS X DirectoryService, which runs setuid as root, uses a system() to execute the touch command without properly using a full path. Due to this, a local attacker can execute commands as root.
ca8fa585c5c12890f30e767074ee9e77851c6c136557059afdae4911aeae24fd
Atstake Security Advisory A021403-1 - Mac OS X v10.2.3 contains a local root vulnerability in the TruBlueEnvironment portion of the MacOS Classic Emulator, which is suid root and installed by default.
922979add04dd03a99e8b8cf1546f75144cba14cd5ed8c57ec889932256bc0db
GreedyDog v2.3 is an ethernet packet sniffer for Linux, FreeBSD, OpenBSD, NetBSD, Solaris, IRIX, SunOS4, AIX, MacOSX, and Windows2000/Xp. GreedyDog keeps stream of each TCP session and writes to logfile. Very portable. Manual is here.
9ea5aa65e79bb73b43231fbad538888ef8b601b0fa200261c300006cf9e23e7c
Hotmail is vulnerable to yet another serious security problem involving javascript. Windows, MacOS, and Linux users are affected. Filters may be bypassed by putting line feeds in the middle of the javascript code, the browser will remove the line feeds and execute it.
38d619755398daddb4094c74d9e46a705ebf54917924ac7f57da9be93f94b110
ISS Security Alert Summary for January 1, 2001 - Volume 6 Number 2. 115 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: exmh-error-symlink, informix-webdriver-symlink, informix-webdriver-admin-access, zonealarm-mutex-dos, zonealarm-batfile-dos, shockwave-flash-swf-bo, macos-multiple-users, http-cgi-ikonboard, http-cgi-technote-main, xwindows-char-dos, 1stup-mail-server-bo, dialog-symlink, ibm-wcs-admin, http-cgi-technote-print, iis-web-form-submit, hpux-kermit-bo, bsguest-cgi-execute-commands, bslist-cgi-execute-commands, infinite-interchange-dos, oracle-execute-plsql, ksh-redirection-symlink, oracle-webdb-admin-access, infinite-interchange-dos, gnupg-detached-sig-modify, gnupg-reveal-private, zonealarm-nmap-scans, zonealarm-open-shares, win2k-index-service-activex, proftpd-size-memory-leak, weblogic-dot-bo, mdaemon-imap-dos, zope-calculate-roles, itetris-svgalib-path, bsd-ftpd-replydirname-bo, sonata-command-execute, solaris-catman-symlink, solaris-patchadd-symlink, stunnel-format-logfile, hp-top-sys-files, zope-legacy-names, mrj-runtime-malicious-applets, coffeecup-ftp-weak-encryption, watchguard-soho-fragmented-packets, jpilot-perms, mediaservices-dropped-connection-dos, watchguard-soho-web-auth, watchguard-soho-passcfg-reset, http-cgi-simplestguest, safeword-palm-pin-extraction, mdaemon-lock-bypass-password, cisco-catalyst-ssh-mismatch, microsoft-iis-file-disclosure, ezshopper-cgi-file-disclosure, winnt-mstask-dos, bftpd-site-chown-bo, aim-remote-bo, subscribemelite-gain-admin-access, zope-image-file, http-cgi-everythingform, http-cgi-simplestmail, http-cgi-ad, kde-kmail-weak-encryption, aolim-buddyicon-bo, aim-remote-bo, rppppoe-zero-length-dos, proftpd-modsqlpw-unauth-access, gnu-ed-symlink, oops-ftputils-bo, oracle-oidldap-write-permission, foolproof-security-bypass, broadvision-bv1to1-reveal-path, ssldump-format-strings, coldfusion-sample-dos, kerberos4-arbitrary-proxy, kerberos4-auth-packet-overflow, kerberos4-user-config, kerberos4-tmpfile-dos, homeseer-directory-traversal, offline-explorer-reveal-files, imail-smtp-auth-dos, apc-apcupsd-dos, cisco-catalyst-telnet-dos, ultraseek-reveal-path, irc-dreamforge-dns-dos, mailman-alternate-templates, markvision-printer-driver-bo, nt-ras-reg-perms, nt-snmp-reg-perms, nt-mts-reg-perms, irc-bitchx-dns-bo, ibm-db2-gain-access, ibm-db2-dos, vsu-source-routing, vsu-ip-bridging, ftp-servu-homedir-travers, cisco-cbos-web-access, watchguard-soho-get-dos, phone-book-service-bo, cisco-cbos-syn-packets, cisco-cbos-invalid-login, cisco-cbos-icmp-echo, linux-diskcheck-race-symlink, ie-form-file-upload, mssql-xp-paraminfo-bo, majordomo-auth-execute-commands, ie-print-template, aix-piobe-bo, aix-pioout-bo, aix-setclock-bo, aix-enq-bo, aix-digest-bo, and aix-setsenv-bo.
5e663d9821efd059b23f294cdfa745ad9b5a6aab6c5de4ec2febfa417d586623
Sawmill 5.0.21 is a site log statistics package for UNIX, Windows and MacOS which has remote vulnerabilities. Any file on the system can be read, and password is stored with a weak hash algorithm and can be decrypted using the included C program. This is dangerous because the previous security hole will allow you to read the hash and decrypt the admin password.
2c2c58f021857e688f36ad471178bf0306d758fc5829abf90f77a22c58174057
ISS Security Alert Summary June 1, 2000 - 78 new vulnerabilities have been reported in this quarter. This document has links to more information and full advisories on each. Includes: linux-cdrecord-execute, xlock-bo-read-passwd, bsd-syscall-cpu-dos, win-browser-hostannouncement, nai-webshield-config-mod, nai-webshield-bo, mdbms-bo, mailsite-get-overflow, hp-jetadmin-malformed-url-dos, hp-jetadmin-directory-traversal, deerfield-mdaemon-dos, cayman-dsl-dos, carello-file-duplication, netscape-ssl-certificate, cobalt-cgiwrap-bypass, gnome-gdm-bo, linux-fdmount-bo, qualcomm-qpopper-euidl, cart32-price-change, gauntlet-cyberdaemon-bo, ip-fragment-reassembly-dos, domino-doc-modify, domino-web-apps-access, axent-netprowler-ipfrag-dos, lotus-domino-esmtp-bo, linux-masquerading-dos, netice-icecap-alert-execute, netice-icecap-default, beos-tcp-frag-dos, ie-frame-domain-verification, ie-malformed-component-attribute, kerberos-krb-rd-req-bo, kerberos-krb425-conv-principal-bo, kerberos-ksu-bo, kscd-shell-env-variable, cproxy-http-dos, emurl-account-access, eudora-long-attachment-filename, ie-active-movie-control, antisniff-dns-overflow, delphi-ics-dot-attack, netscape-invalid-ssl-sessions, sol-netpr-bo, ie-cookie-disclosure, iis-malformed-information-extension, iis-url-extension-data-dos, netscape-import-certificate-symlink, ssh-zedz-consultants, coldfusion-cfcache-dos, http-cgi-formmail-environment, libmytinfo-bo, netopia-snmp-comm-strings, gnapster-view-files, netstructure-root-compromise, netstructure-wizard-mode, allaire-clustercats-url-redirect, aolim-file-path, iis-shtml-reveal-path, http-cgi-dbman-db, http-cgi-dnews-bo, ultraboard-cgi-dos, aladdin-etoken-pin-reset, http-cgi-dmailweb-bo, interscan-viruswall-bo, quake3-auto-download, ultraboard-printabletopic-fileread, cart32-expdate, cisco-online-help, hp-shutdown-privileges, http-cgi-listserv-wa-bo, aaabase-execute-dot-files, aaabase-file-deletion, macos-appleshare-invalid-range, win-netbios-source-null, linux-knfsd-dos, macos-filemaker-anonymous-email, and macos-filemaker-email. ISS X-Force homepage here.
4db0d03fb6271c35418d4d58ecec415169ad7a59e0467e9f65044a7c79068f6e
Hotmail is vulnerable to yet another serious security problem involving javascript. Windows, MacOS, and Linux users are affected. Consequences include hotmail account takeover, redirecting a hotmail user to any site, or access to the users computer if combined with other known exploits.
b5c11b65292e58dd2677389be22affdd1c3df87cc7488c5d48a5d785938ef4f6
There is a buffer overflow in the Win32 RealPlayer Basic client versions 6 and 7 which occurs when a long location to play string is entered. Using the HTML "EMBED" tag to embed RealPlayer in a webpage and setting the "AUTOSTART=true" flag, you can force RealPlayer to start automatically, triggering the overflow condition. It appears that arbitrary code could be exploited simply by *VISITING* a webpage with the malicious embedded RealPlayer tags. MacOS and linux versions appear not to be vulnerable.
37419905d1e37c015f0676d7c50395144408e6d018c7cd4c3400a0871bbd49fd
CERT Advisory CA-99-17 - Denial-of-Service Tools. Recently, new techniques for executing denial-of-service attacks have been made public. MacOS 9 can be abused by an intruder to generate a large volume of traffic directed at a victim in response to a small amount of traffic produced by an intruder. This allows an intruder to use MacOS 9 as a "traffic amplifier," and flood victims with traffic. A tool similar to Tribe FloodNet (TFN), called Tribe FloodNet 2K (TFN2K) was released.
ab550f432f810ab211b9bb7a79666b37ff7dae0625f51ff5088743f51352e8ec
l0pht.macos.fwb.hdtoolkit
0f37fcc8444cf20d26f12ea18dc6275587918888c721286d30c67e3a6fea4944
The encryption algorithm in MacOS system is simple and the password can be easily decoded
175d58893e91fe5f4d9047d46442dd17e5161c68d3431d910914873508df3ad6
DoS attack, and maybe worse, present in Apple MacOS 8.5.1 "Web Sharing".
aed7c32d95b5b5b2c61dcb1e6515a3f62876f67545fb30ede8c69fd9d587e019
MacOS synflood DoS attack affecting all versions of MacOS.
6812e0500cf036e070bb5dee39e94ae42856d8d675a430873c5bf8f254c9d6d7
Process-based denial of service vulnerability exists in MacOS X Server running Apache that allows remote attacker to easily kill the web server via looped HTTP requests. Test exploit code included.
f5a096462e64fb0011ee44a1691b337f8d7d1e10a3e7f24ac2832333238bc622
Security Holes In FileGuard 3.0.8 file protection software for the MacOS allows anyone with guest account access to gain administrator privileges and access to ALL files.
d30b0ace07c9127553b40b6f9b093814c9d1d6b26296018f0a52eb9ceca0e436