714 matches found

CVE
added 2019/04/15 7:46 p.m. · 51 views

CVE-2018-4009

The CVE-2018-4009 issue affects Shimo VPN’s helper service on macOS, where privilege escalation is possible due to improper validation of code signing. The Shimo helper signs and launches auxiliary binaries after a basic code-sign check (kSecCSBasicValidateOnly), which does not verify the signing...

8.8 CVSS · 7.7 AI score · 0.00019 EPSS
Exploits: 1 · References: 1 · Affected Software: 1
Positive Technologies
added 2019/04/15 12:0 a.m. · 2 views

PT-2019-10749 · Feingeist Software Gmbh · Shimo Vpn

Name of the Vulnerable Software and Affected Versions: Shimo VPN (affected versions not specified)
Description: A privilege escalation issue exists due to improper validation of code signing in the Shimo VPN helper service. This allows a user with local access to raise their privileges to root. An...

8.8 CVSS · 8.2 AI score · 0.00019 EPSS
Exploits: 1 · References: 2
Tenable Nessus
added 2019/04/10 12:0 a.m. · 44 views

Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities

Binary data 700510.prm...

10 CVSS · 6.4 AI score · 0.91945 EPSS
Exploits: 59 · References: 82
Microsoft CVE
added 2019/03/12 7:0 a.m. · 27 views

SHA-2 Code Sign Support Advisory

Microsoft is announcing the release of SHA-2 code sign support for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2. Please see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS for more information...

7.7 AI score
Exploits: 0
Microsoft KB
added 2019/03/12 7:0 a.m. · 94 views

SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019

SHA-2 code signing support update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: September 23, 2019 Notice This security update was released March 12, 2019 for Windows 7 SP1 and Windows Server 2008 R2 SP1. This security update was updated May 14, 2019 to add support for Windows...

6 AI score
Exploits: 0
Veracode
added 2019/01/15 8:55 a.m. · 24 views

Code Injection

openjdk is vulnerable to code injection attacks. The vulnerability exists as jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS · 5.6 AI score · 0.0029 EPSS
Exploits: 0 · References: 9 · Affected Software: 3
Tenable Nessus
added 2019/01/09 12:0 a.m. · 14 views

MacOS Process Code Signing: Not Signed

Binary data macoscodesignnotsigned.nbin...

7.3 AI score
Exploits: 0 · References: 2
Tenable Nessus
added 2019/01/09 12:0 a.m. · 8 views

MacOS Process Code Signing: Misc

Binary data macoscodedesignmisc.nbin...

7.3 AI score
Exploits: 0 · References: 2
Tenable Nessus
added 2019/01/09 12:0 a.m. · 11 views

MacOS Process Code Signing: Not Apple

Binary data macoscodesignnotapple.nbin...

7.3 AI score
Exploits: 0 · References: 2
Tenable Nessus
added 2019/01/09 12:0 a.m. · 7 views

MacOS Process Code Signing: Invalid Apple

Binary data macoscodesigninvalidapple.nbin...

7.3 AI score
Exploits: 0 · References: 3
Tenable Nessus
added 2019/01/09 12:0 a.m. · 13 views

MacOS Process Code Signing: Invalid

Binary data macoscodesigninvalid.nbin...

7.3 AI score
Exploits: 0 · References: 2
Tenable Nessus
added 2019/01/09 12:0 a.m. · 10 views

MacOS Process Code Signing: Signed

Binary data macoscodesignsigned.nbin...

7.3 AI score
Exploits: 0 · References: 2
Cvelist
added 2018/12/31 8:0 p.m. · 17 views

CVE-2018-6336

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...

7.5 AI score · 0.00094 EPSS
Exploits: 1 · References: 1
Vulnrichment
added 2018/12/31 8:0 p.m. · 5 views

CVE-2018-6336

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...

7.6 AI score · 0.00094 EPSS
Exploits: 1 · References: 1
CVE
added 2018/12/31 8:0 p.m. · 55 views

CVE-2018-6336

The CVE-2018-6336 issue affects osquery prior to v3.2.7. A malformed Universal/Fat binary can bypass third-party code-signing checks, causing unsigned code to execute while appearing Apple-signed. This is triggered when a Fat binary’s nested Mach-O binaries aren’t fully inspected, leading third-p...

7.8 CVSS · 7.5 AI score · 0.00094 EPSS
Exploits: 1 · References: 1 · Affected Software: 1
Prion
added 2018/12/31 7:29 p.m. · 14 views

Code injection

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...

6.8 CVSS · 7.5 AI score · 0.00094 EPSS
Exploits: 1 · References: 1 · Affected Software: 1
NVD
added 2018/12/31 7:29 p.m. · 12 views

CVE-2018-6336

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...

7.8 CVSS · 7.6 AI score · 0.00094 EPSS
Exploits: 1 · References: 1
OSV
added 2018/12/31 7:29 p.m. · 10 views

CVE-2018-6336

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code...

7.8 CVSS · 6.9 AI score
Exploits: 0 · References: 1
Tenable Nessus
added 2018/10/11 12:0 a.m. · 24 views

OracleVM 3.3 / 3.4 : nss (OVMSA-2018-0264)

The remote OracleVM system is missing necessary patches to address critical security updates : - Added nss-vendor.patch to change vendor - Temporarily disable some tests until expired PayPalEE.cert is renewed - Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which...

5.9 CVSS · 6.3 AI score · 0.00622 EPSS
Exploits: 0 · References: 3
ThreatPost
added 2018/08/12 5:0 p.m. · 10 views

DEF CON 2018: Apple 0-Day (Re)Opens Door to ‘Synthetic’ Mouse-Click Attack

LAS VEGAS – By tweaking just two lines of code, a researcher stumbled on an Apple zero-day that could allow a local attacker to virtually “click” a security prompt and thus load a kernel extension on systems running Apple’s latest High Sierra operating system. Kernel access on a Mac gives an...

0.3 AI score
Exploits: 0 · References: 1