EUVD-2018-2249

Malware in sbrugna...

Clario: rXSS on https://mackeeperapp.mackeeper.com/landings/download-blue/

Summary: Founded XSS on https://mackeeperapp.mackeeper.com/landings/download-blue/ PoC https://mackeeperapp.mackeeper.com/landings/download-blue/?affid=b450fb80-0136-11eb-a01d-50cf6001b201-zzb&epayId=;alertdocument.domain;//&guid=xxx Impact An attacker can run any malicious javascript code on a...

Clario: open redirect at https://account.mackeeper.com/auth/signin/continue via improper uri sanitization

Summary open redirect at https://account.mackeeper.com/auth/signin/continue via improper uri sanitization Steps to reproduce goto...

Clario: MK Site Cross-Site Scripting (XSS) in script context

Summary https://mackeeper.com Site Cross-Site Scripting XSS in script context Parameter - cookie: guid Step to reproduce Injected payload:...

Clario: Local Privilege escalation to root via XPC

Summary The application is divided into a few parts responsible for different actions. The standard, running with user permissions parts are: MacKeeper MacKeeperAgent MacKeeper communicates with more privileged root part named com.mackeeper.MacKeeperPrivilegedHelper that is located in the...

Clario: Unauthenticated Reflected Cross-Site Scripting on https://account.mackeeper.com/signin page

Summary Unauthenticated Reflected Cross-Site Scripting on https://account.mackeeper.com/signin page in the bundled parameter Steps To Reproduce XSS via GET Method HTTP Request: GET /signin?bundleId=wrtqvetcvcwtd%22%3e%3cscript%3ealert1%3c%2fscript%3eyozl9 HTTP/1.1 Host: account.mackeeper.com...

Clario: RXSS on /landings/123.1/index.php (mackeeperapp.mackeeper.com)

Summary Hi! I found Reflected Cross-Site Scripting attack on mackeeperapp.mackeeper.com via /landings/123.1/index.php endpoint. Step to reproduce...

Privilege escalation

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shel...

CVE-2018-10171

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shel...

CVE-2018-10171

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shel...

CVE-2018-10171

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shel...

CVE-2018-10171

CVE-2018-10171 affects MacKeeper version 3.20.4 and describes a root privilege escalation in the component com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper . The tool exposes an XPC service that allows an unprivileged app to connect and execute shell scripts with root privileges, enabl...

store.mackeeper.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-494186 Description| Value ---|--- Affected Website:| store.mackeeper.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Disclosure Standard:| Coordinated Disclosure based on...

Printing and Marketing Firm Leaks High-Profile Customers' Data

Franchise Services, the parent company of a number of large print and design companies, said it is investigating claims that sensitive customer data stored by one of its franchisees is accessible online. The data dates back to 2010 and ranges from sensitive health records belonging to a former...

13 Million MacKeeper Records Found in Public Database

A trove of MacKeeper user data—some 13 million records—has been locked down after a researcher found an exposed and accessible database using a simple Shodan query. Chris Vickery revealed his discovery on Monday on Reddit in more of an appeal to reach officials at Kromtech, the parent company tha...

13 Million MacKeeper Users Hacked — 21 GB of Data Exposed

MacKeeper anti-virus company is making headlines today for its lax security that exposed the database of 13 Million Mac users' records including names, email addresses, usernames, password hashes, IP addresses, phone numbers, and system information. MacKeeper is a suite of software that claims to...

mackeeper.com XSS vulnerability

Vulnerable URL: https://mackeeper.com/partners Details: Description| Value ---|--- Patched:| Yes, at 18.02.2016 Latest check for patch:| 18.02.2016 08:28 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 816 Google Pagerank| 4 VIP website status:| Yes Check...

MacKeeper URL Handling Remote Code Execution Vulnerability

MacKeeper is a Mac OS system optimization software. MacKeeper suffers from a remote code execution vulnerability. Allows an attacker to execute arbitrary code...

MacKeeper Remote Code Execution

A remote code execution has been reported in MacKeeper. By enticing the user to visit a specially crafted URL, a remote attacker could run arbitrary code on the victim's computer...

MacKeeper Zero Day Remote Code Execution Vulnerability

A controversial piece of security and maintenance software for Mac OS X computers, known as MacKeeper, has been found to be vulnerable to a critical remote code execution vulnerability. MacKeeper antivirus software for Mac OS X is designed to improve Mac performance and security, but it is infamo...