Apple iOS / MacOS Netagent Kernel Memory Disclosure(CVE-2017-2507)

iOS/MacOS kernel memory disclosure due to lack of bounds checking in netagent socket option handling netagentctlsetopt is the setsockopt handler for netagent control sockets. Options of type NETAGENTOPTIONTYPEREGISTER are handled by netagenthandleregistersetopt. Here's the code: static errnot...

Apple macOS/iOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1140 netagentctlsetopt is the setsockopt handler for netagent control sockets. Options of type NETAGENTOPTIONTYPEREGISTER are handled by netagenthandleregistersetopt. Here's the code: static errnot...

Apple macOSiOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling

Apple macOSiOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Option Handling / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1140 netagentctlsetopt is the setsockopt handler for netagent control sockets. Options of type NETAGENTOPTIONTYPEREGISTER...

Apple iOS / macOS Kernel - Memory Disclosure Due to Lack of Bounds Checking in netagent Socket Optio

Exploit for multiple platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1140 netagentctlsetopt is the setsockopt handler for netagent control sockets. Options of type NETAGENTOPTIONTYPEREGISTER are handled by netagenthandleregistersetopt. Here's the...

CGIWrap error page cross-site scripting vulnerability

Overview CGIWrap error page is vulnerable to a cross-site scripting. CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms on the web server. CGIWrap contains a cross-site scripting vulnerability as it does not specify charset in the error page. Hirohisa Yamaguc...