29 matches found
EUVD-2007-5820
Malware in sbrugna...
EUVD-2018-18226
Malware in sbrugna...
.DS_Store File Detected
The web server on the remote host allows read access to an OSX .DS_Store file. This potential flaw can be used to access content from the web server that might otherwise be private. No source data...
Nibbleblog Information Disclosure Vulnerability
Nibbleblog for macOS is a blogging engine for the macOS platform. A security vulnerability exists in version 4.0.5 of Nibbleblog for macOS. An attacker can exploit the vulnerability to obtain DS_Store information...
CVE-2018-6470
Nibbleblog 4.0.5 on macOS defaults to having .DS_Store in each directory, causing DS_Store information to leak...
CVE-2018-6470
Nibbleblog 4.0.5 on macOS is affected by an information disclosure vulnerability where .DS_Store files are present in each directory, leaking DS_Store metadata. Root cause is the default behavior of placing DS_Store files in directories, enabling partial confidentiality impact (DS_Store data expo...
X (Formerly Twitter): Information Disclosure through .DS_Store in ██████████
Hello! Description: The website located at █████████ suffers from an information disclosure through ".DS_Store" file, accessible to unauthorised external users. In the Apple OS X operating system, .DS_Store is a file that stores custom attributes of its containing folder. Reproduction Steps: Guide...
Cross site request forgery (csrf)
Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request...
CVE-2016-1776
CVE-2016-1776 affects Apple OS X Server before 5.1, in the Web Server component. The issue is an information disclosure where access to .DS_Store and .htaccess files is not properly restricted, allowing remote attackers to obtain sensitive configuration information via HTTP. Mitigation: upgrade t...
CVE-2016-1776
Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request...
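Apple Macintosh OS X .DS_Store Information Disclosure Vulnerability
Apple Mac OS X generates a .DS_Store file in each folder, which contains the names of the files and folders in the current directory. When developers upload a website directory, they may upload this file along with it, leading to information disclosure, exposure of the admin back end, and so on. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from dsstore import DSStore class TestPOCPOCBas...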
Heap overflow
Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file...
CVE-2007-5850
Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file...
CVE-2006-4402
Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files...
Multiple MacOS X security vulnerabilities
Apple Type Services server font processing buffer overflow. ftpd may allow arbitrary users to determine account name validity. CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI. Security Framework Secure Transport may not negotiate the best cipher available. PPP driv...
Apple Mac OS X Finder fails to properly handle malformed .DS_Store files
Overview Apple Finder fails to properly handle malformed .DS_Store files. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. Description .DS_Store files are hidden files used by Apple Finder to control the display of a folder and its contents. According to App...
Mac OS X DS_Store Arbitrary File Overwrite Exploit
No description provided by source. !/usr/bin/perl OSX Finder DSStore arbitrary file overwrite exploit. root version vade79 - [email protected] fakehalo/realhalo this will create a directory called "xfinder" in your home directory, once the root user has modified that directory using Finder in almost...
MacOS X Finder '.DS_Store' Information Disclosure
MacOS X creates a hidden file SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10756";...