10 matches found
Memory corruption
AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app, a different vulnerability than CVE-2016-4700...
Apple OSX WindowServer: heap overflow vulnerability lead to mention the right vulnerability-vulnerability warning-the black bar safety net
! CVE ID CVE-2 0 1 6-4 6 4 0 The CVSS Score 4.4, AV:L/AC:M/Au:N/C:P/I:P/A:P The affected supplier Apple The affected products OSX Vulnerability details This vulnerability allows a remote attacker is able to in easy to install Apple OSX on the execution of arbitrary code. Exploitation of this...
Apple OSX 10.10.4 DYLD_PRINT_TO_FILE Privilege Escalation Exploit
In Apple OS X 10.10.4 and prior, the DYLDPRINTTOFILE environment variable is used for redirecting logging data to a file instead of stderr. Due to a design error, this feature can be abused by a local attacker to write arbitrary files as root via restricted, SUID-root binaries. This module requir...
openSUSE: Security Advisory for Chromium (openSUSE-SU-2012:1637-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Mac OSX 10.4.8 - DiskManagement BOM Privilege Escalation
Apple Mac OSX 10.4.8 - DiskManagement BOM Privilege Escalation !/usr/bin/ruby c 2006 LMH Kevin Finisterre Thanks to The French Connection for bringing this in-the-wild 0-day to our attention. If /tmp/ps2 exists on your system, you've been pwned already. Thanks to the original authors of the explo...
DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow'
DMA2006-0801a - 'Apple OSX fetchmail buffer overflow' Author: Kevin Finisterre Vendor: http://www.apple.com/ Product: 'Mac OSX =10.4.7' References: http://www.digitalmunition.com/DMA2006-0801a.txt http://www.digitalmunition.com/getpwnedmail-x86.pl http://www.digitalmunition.com/getpwnedmail-ppc.p...
DMA-2005-0127a.txt
DMA2005-0127a - 'Apple OSX batch family poor use of setuid' Author: Kevin Finisterre Vendor: http://www.apple.com/macosx/ Product: at commands = Mac OS X v10.3.7, Mac OS X Server v10.3.7 References: CAN-2005-0125 http://www.digitalmunition.com/DMA2005-0127a.txt...
[Full-Disclosure] DMA[2005-0127a] - 'Apple OSX batch family poor use of setuid'
DMA2005-0127a - 'Apple OSX batch family poor use of setuid' Author: Kevin Finisterre Vendor: http://www.apple.com/macosx/ Product: at commands = Mac OS X v10.3.7, Mac OS X Server v10.3.7 References: CAN-2005-0125 http://www.digitalmunition.com/DMA2005-0127a.txt...
[Full-Disclosure] OSX Panther Internet Connect Vulnerability.
Apple OSX Panther Internet Connect - Local root Vulnerability. ============================================================== Date: 25.07.2004 Author: B-r00t. 2004. Email: B-r00t [email protected] Vendor: Apple Operating System: OSX Panther Possibly Previous Versions. Application: Internet...
Apple OSX sliplogin overflow
side note ... isn't it odd that I can run gdb on a suid binary? Osx version 10.1.3 localhost: elguapo ls -al /usr/sbin/sliplogin -r-sr-xr-x 1 root wheel 14700 Dec 8 10:49 /usr/sbin/sliplogin localhost: elguapo sliplogin perl -e 'print "A" x 9000' Bus error localhost: elguapo uname -a Darwin...