EUVD-2016-5603

Malware in sbrugna...

CVE-2008-7303

The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of launchctl to trigger the launchd daemon's execution of a script...

CVE-2019-5013

An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this...

CVE-2019-5013

An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3, update helper service in the start/stopLaunchDProcess command. The command takes a user-supplied string argument and executes launchctl under root context. A user with local access can use this...

CVE-2019-5013

CVE-2019-5013 describes a local privilege escalation in the Wacom macOS driver (version 6.3.32-3) where the update helper’s start/stopLaunchDProcess command executes user-supplied input via launchctl under root, enabling a local attacker to load arbitrary LaunchAgents. Cisco Talos details confirm...

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves a sandbox escape related to launchctl process spawning in the "libxpc" component...

CVE-2016-4617

An issue was discovered in certain Apple products. macOS before 10.12 is affected. The issue involves a sandbox escape related to launchctl process spawning in the "libxpc" component...

CVE-2016-4617

CVE-2016-4617 affects macOS prior to 10.12 through a sandbox-escape in the libxpc component, related to launchctl process spawning. Connected sources (e.g., CNVD-2017-02507, NVD entry, and Apple security content) corroborate that libxpc had multiple sandbox-spawning weaknesses exploitable to brea...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (x86)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com/NonExecutableLovin.txt This code currently jum...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the...

CVE-2008-7303

The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of launchctl to trigger the launchd daemon's execution of a script...

Design/Logic Flaw

The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of launchctl to trigger the launchd daemon's execution of a script...

Apple Mac OS X /sbin/service本地权限提升漏洞

Apple Mac OS X是苹果家族计算机所使用的操作系统。 Mac OS X的/sbin/service工具在调用其他程序时没有确认安全的运行环境，本地攻击者可能利用此漏洞提升自己的权限。 Mac OS X的writeconfig使用/sbin/service启动各种服务，但这个脚本在调用launchctl工具时没有过滤PATH环境变量。本地用户可以修改PATH指向恶意的launchctl程序导致以root用户权限执行任意二进制程序。 Apple Mac OS X 10.4.8 临时解决方法： 如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁：...

Design/Logic Flaw

Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program...

CVE-2007-0022

Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program...

Mac OS X writeconfig privilege escalation

launchctl utility is executed by relative path from suid application...

FailureToLaunch-2.pl.txt

!/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the hell are you fool. This is just a...

FailureToLaunch.pl.txt

!/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom This is a practical application of Non Executable Stack Lovin - http://www.digitalmunition.com/NonExecutableLovin.txt This code currently jumps into 0x1811111 via dyldstubclose...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)

Exploit for macOS platform in category local exploits ============================================================== Mac OS X = 10.4.6 launchd Local Format String Exploit ppc ============================================================== !/usr/bin/perl...

Apple Mac OSX 10.4.6 (PPC) - launchd Local Format String

Apple Mac OSX 10.4.6 PPC - launchd Local Format String !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the pa...