CVE-2014-4417

CVE-2014-4417 affects Safari on OS X prior to 10.10. A crafted Push Notification from a malicious site triggers an uncaught SafariNotificationAgent exception, causing a denial of service (universal Push Notification outage). The vulnerability is addressed by improved handling of Safari Push Notif...

Using ServiceWorker in Chrome today

The implementation for ServiceWorker has been landing in Chrome Canary over the past few months, and there's now enough of it to do some cool shit! Unnecessary representation of "cool shit" What is ServiceWorker? ServiceWorker is a background worker, it gives us a JavaScript context to add featur...

CVE-2014-5854

The Windows Live Hotmail PUSH mail aka com.clearhub.wl application 1.00.97 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5854

The CVE-2014-5854 entry concerns the Windows Live Hotmail PUSH mail app (com.clearhub.wl) for Android, version 1.00.97, which does not verify X.509 certificates from SSL servers. This allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. T...

CVE-2014-5854

The Windows Live Hotmail PUSH mail aka com.clearhub.wl application 1.00.97 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Apple Plans to Extend 2FA to iCloud

In the wake of the iCloud photo theft scandal, Apple’s CEO said the company plans to extend its two-factor authentication system to logins to the iCloud service from mobile device. The change will come when iOS 8.0 comes out later this month. The change will give users the option of enabling a...

Linux/x86 - Reverse TCP (127.1.1.1:1337/TCP) Shell Shellcode (74 bytes)

Linux/x86 - Reverse TCP 127.1.1.1:1337/TCP Shell Shellcode 74 bytes. Shellcode exploit for Linuxx86 platform / Title: Shell Reverse TCP Shellcode - 74 bytes Platform: Linux/x86 Date: 2014-07-25 Author: Julien Ahrens @MrTuxracer Website: http://www.rcesecurity.com Disassembly of section .text:...

Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 4.1.x Bypass) (MS12-037)

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 4.1.x Bypass MS12-037 function strtointstr return str.charCodeAt10x10000 + str.charCodeAt0; var free = "EEEE"; while free.length 500 free += free; var string1 = "AAAA"; while string1.length 500 string1 += string1; var...

linux/x86 execve("/bin/sh", ["/bin/sh", NULL]) 25 bytes

No description provided by source. / Linux/x86 execve/bin/sh, /bin/sh, NULL - 25 bytes - [email protected] / char shellcode = \x31\xc0 // xor %eax, %eax \x50 // push %eax \x68\x2f\x2f\x73\x68 // push $0x68732f2f \x68\x2f\x62\x69\x6e // push $0x6e69622f \x89\xe3 // mov %esp, %ebx \x50 // push %eax...

AmbiCom Blue Neighbors 2.50 build 2500 Bluetooth Stack Object Push Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16258/info AmbiCom Blue Neighbors Bluetooth stack is prone to a buffer overflow vulnerability. The issue exists in the Object Push Service. This issue allows remote attackers to execute arbitrary code in the context of th...

Silentum Uploader 1.4.0 - Remote File Deletion Exploit

No description provided by source. Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-side data, we...

linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); 29 bytes

No description provided by source. / h3ll-core.c by Charles Stevenson [email protected] I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large payload of goodness. This actually is a bit larger than...

BlueSoleil 1.4 Object Push Service Bluetooth File Upload Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12961/info BlueSoleil is prone to directory traversal attacks during Bluetooth file uploads. The issue exists in the Object Push Service. This vulnerability may allow an attacker to upload malicious files to arbitrary...

BBC News iOS App Not Hacked, Breaking News Push Messages Sent in Error

If you are one of the users of the BBC News iPhone app, then you might have receive a strange message as a breaking news notification earlier this morning. The message was sent on two separate time durations. First the message reads: "NYPD Twitter campaign 'backfires' after hashtag hijacked," the...

DEBIAN-CVE-2014-3493

The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...

UBUNTU-CVE-2014-3493

The pushascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service memory corruption and daemon crash via an attempt to read a Unicode pathname without specifying use of Unicode, leading to a...

CVE-2014-0086

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service memory consumption and out-of-memory error via a large number of malformed atmosphere push requests...

Design/Logic Flaw

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service memory consumption and out-of-memory error via a large number of malformed atmosphere push requests...

CVE-2014-0086

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service memory consumption and out-of-memory error via a large number of malformed atmosphere push requests...

SA-CONTRIB-2014-011 - Push Notifications - Information Disclosure

This module enables the delivery of push notifications to iOS and Android devices. The module doesn't sufficiently randomize the certificate filenames required for Apple's Push Notification service or protect the files from being publicly accessible, which could allow an attacker to acquire the...