198 matches found
K-Meleon 1.5.3 - Remote Array Overrun
No description provided by source. From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/222 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 K-Meleon 1.5.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.:...
MacOSX 10 CD9660.Util Probe For Mounting Argument Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9228/info The cd9660.util utility has been reported prone to a local buffer overrun vulnerability. Excessive data supplied as an argument for the probe for mounting switch, passed to the cd9660.util utility will overrun t...
MacOS X 10.9 Hard Link Memory Corruption
No description provided by source. / MacOSX/XNU HFS Multiple Vulnerabilities Maksymilian Arciemowicz http://cxsecurity.com/ http://cifrex.org/ =================== On November 8th, I've reported vulnerability in hard links for HFS+ CVE-2013-6799 http://cxsecurity.com/issue/WLB-2013110059 The HFS+...
MacOSXLabs RsyncX 2.1 Insecure Temporary File Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11212/info RsyncX is reported to contain an insecure temporary file creation vulnerability. The result of this is that temporary files created by the application may use predictable filenames. A local attacker may exploit...
os-x/ppc execve(/bin/sh), exit() 72 bytes
No description provided by source. / MacOSX/PowerPC Shellcode for: execve/bin/sh, /bin/sh, NULL, exit 72 bytes hophet at gmail.com http://www.nlabs.com.br/hophet/ / include stdio.h include string.h char shellcode = \x7c\xa5\x2a\x79 \x40\x82\xff\xfd \x7d\x68\x02\xa6 \x3b\xeb\x01\x71 \x39\x40\x01\x...
Apple Mac OS X xnu <= 1228.0 mach-o Local Kernel Denial of Service PoC
No description provided by source. / xnu-macho-dos.c Copyright c 2007 by [email protected] Apple MACOS X xnu = 1228.0 local kernel DoS POC by mu-b - Thu 15 Nov 2007 - Tested on: Apple MACOS X 10.4 xnu-792.22.51/RELEASEI386 Apple MACOS X 10.5.1 xnu-1228.0.21/RELEASEI386 Apple MACOS X 10.5.1...
os-x/ppc sync(), reboot() 32 bytes
No description provided by source. / MacOSX/PowerPC Shellcode for: sync, reboot 32 bytes hophet at gmail.com http://www.nlabs.com.br/hophet/ / include stdio.h include string.h char shellcode = \x7c\x63\x1a\x79 \x39\x40\x01\x06 \x38\x0a\xff\x1e \x44\xff\xff\x02 \x60\x60\x60\x60 \x39\x40\x01\x19...
UFO: Alien Invasion 2.2.1 - Remote Code Execution (OSX)
No description provided by source. !/usr/bin/python UFO: Alien Invasion v2.2.1 IRC Client Remote Code Execution - MacOSX Author: dookie Windows PoC: Jason Geffner http://www.exploit-db.com/exploits/14013 import sys, socket, struct msfpayload osx/x86/vforkshellbindtcp R | msfencode -b '\x00\x0a\x0...
SeaMonkey 1.1.8 - Remote Array Overrun
No description provided by source. From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/221 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SeaMonkey 1.1.8 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.:...
presto! pagemanager <= 9.01 - Multiple Vulnerabilities
No description provided by source. Luigi Auriemma Application: Presto! PageManager http://www.newsoftinc.com/products/productpage.php?PId=5 Versions: = 9.01 Platforms: Windows, MacOSX Bugs: A Heap-overflow B Arbitray files downloading C Denial of Service Exploitation: remote Date: 14 Mar 2012...
openSUSE Security Update : samba (openSUSE-SU-2013:1787-1)
"the following security issues were fixed in samba : - ACLs are not checked on opening an alternate data stream on a file or directory; CVE-2013-4475; bso10229 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:0377-1)
java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...
Oracle VirtualBox Graphics Driver (WDDM) Unspecified Vulnerability (cpuapr2014) - Mac OS X
Oracle VirtualBox is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...
MacOSX/XNU HFS Multiple Vulnerabilities
MacOSX/XNU HFS Multiple Vulnerabilities Maksymilian Arciemowicz http://cxsecurity.com/ http://cifrex.org/ =================== On November 8th, I've reported vulnerability in hard links for HFS+ CVE-2013-6799 http://cxsecurity.com/issue/WLB-2013110059 The HFS+ file system does not apply strict...
Apple Mac OSX 10.9 - Hard Link Memory Corruption
/ MacOSX/XNU HFS Multiple Vulnerabilities Maksymilian Arciemowicz http://cxsecurity.com/ http://cifrex.org/ =================== On November 8th, I've reported vulnerability in hard links for HFS+ CVE-2013-6799 http://cxsecurity.com/issue/WLB-2013110059 The HFS+ file system does not apply strict...
MacOSX 10.9.2/XNU HFS Hard Linking
MacOSX/XNU HFS Multiple Vulnerabilities Maksymilian Arciemowicz http://cxsecurity.com/ http://cifrex.org/ =================== On November 8th, I've reported vulnerability in hard links for HFS+ CVE-2013-6799 http://cxsecurity.com/issue/WLB-2013110059 The HFS+ file system does not apply strict...
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service http://cxsecurity.com/ YouTube Kaspersky PoC: https://www.youtube.com/watch?v=joa9IS7U90 ---- 0. Where is the problem? ---- Some time ago I have reported vulnerabilities in regcomp in BSD implementation CVE-2011-3336 and GNU li...
OS X / Safari / Firefox REGEX Denial Of Service
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service http://cxsecurity.com/ ---- 0. Where is the problem? ---- Some time ago I have reported vulnerabilities in regcomp in BSD implementation CVE-2011-3336 and GNU libc implementation CVE-2010-4051 CVE-2010-4052. Now is the time for...
[Capstone] Ultimate Disassembly Framework
Capstone is a lightweight multi-platform, multi-architecture disassembly framework. Our target is to make Capstone the ultimate disassembly engine for binary analysis and reversing in the security community. Features Support hardware architectures: ARM, ARM64 aka ARMv8, Mips & X86 more details...
Apple MacOSX 10.9 Hard Link Memory Corruption
Apple MacOSX 10.9 Hard Link Memory Corruption Date: 08.11.2013 http://cxsecurity.com/ http://cvemap.org/ URL: http://cxsecurity.com/issue/WLB-2013110059 - 0. Description --- In most UNIX-like systems a hard link to a directory is only reserved for the 'root' user when possible at all. In MacOSX...