applefun.blogspot.com
Apple Fun: MOAB-21-01-2007: System Preferences writeconfig Local Privilege Escalation Vulnerability
http://applefun.blogspot.com/2007/01/moab-21-01-2007-system-preferences.html
Announcements and discussion about the Month of Apple Bugs. Sunday, January 21, 2007. MOAB-21-01-2007: System Preferences writeconfig Local Privilege Escalation Vulnerability. The preference panes setuid helper,. Makes use of a shell script which lacks of. Sanitization, allowing users to execute arbitrary binaries under root privileges. System Preferences writeconfig Local Privilege Escalation Vulnerability. This week will be a really interesting one. Month of Apple Bugs website. MOAB-15-01-2007: Multipl...
applefun.blogspot.com
Apple Fun: MOAB-12-01-2007: Apple DMG UFS ufs_lookup() Denial of Service Vulnerability
http://applefun.blogspot.com/2007/01/moab-12-01-2007-apple-dmg-ufs-ufslookup.html
Announcements and discussion about the Month of Apple Bugs. Friday, January 12, 2007. MOAB-12-01-2007: Apple DMG UFS ufs lookup() Denial of Service Vulnerability. A specially crafted UFS filesystem in a DMG image can cause the. When a corrupted directory entry is being read, leading to a kernel panic (denial of service). Apple DMG UFS ufs lookup() Denial of Service Vulnerability. Proof of concept: MOAB-12-01-2007.dmg.gz. We would like to thank evan1138 for his generous. Etiquetas: denial of service.
blog.info-pull.com
Info-pull.com blog: October 2006
http://blog.info-pull.com/2006_10_01_archive.html
Friday, October 13, 2006. Windows 2000 SP4 WehnTrust Home User. Just a quick note about WehnTrust Home User. 1009 results from a Vista-Probe 0.2 test run in a Windows 2000 Professional SP4 installation. skape has done a nice job with the ASLR stuff, it beats Vista so far (15 bits to 8bits for heap in RC1). Hope to test the SEH overwrite protection and the other goodies from commercial version soon. Links to this post. Month of Kernel Bugs. Month of Apple Bugs. Windows 2000 SP4 WehnTrust Home User.
applefun.blogspot.com
Apple Fun: MOAB-19-01-2007: Transmit.app ftps:// URL Handler Heap Buffer Overflow
http://applefun.blogspot.com/2007/01/moab-19-01-2007-transmitapp-ftps-url.html
Announcements and discussion about the Month of Apple Bugs. Friday, January 19, 2007. MOAB-19-01-2007: Transmit.app ftps:/ URL Handler Heap Buffer Overflow. Transmit does not allocate enough space when dealing with the string passed on via the ftps:/ URL handler, leading to an exploitable heap-based buffer overflow condition. Transmit.app ftps:/ URL Handler Heap Buffer Overflow. Proof of concept: MOAB-19-01-2007.html. Please refer to the FAQ:. Are Apple products the only one target of this initiative?
applefun.blogspot.com
Apple Fun: MOAB-16-01-2007: Multiple Colloquy IRC Format String Vulnerabilities
http://applefun.blogspot.com/2007/01/colloquy-is-vulnerable-to-format-string.html
Announcements and discussion about the Month of Apple Bugs. Tuesday, January 16, 2007. MOAB-16-01-2007: Multiple Colloquy IRC Format String Vulnerabilities. Colloquy is vulnerable to a format string vulnerability in the handling of INVITE requests, that can be abused by remote users and requires no interaction at all, leading to a denial of service and potential arbitrary code execution. Multiple Colloquy IRC Format String Vulnerabilities. Month of Apple Bugs website. Professional hard drive data recovery.
applefun.blogspot.com
Apple Fun: MOAB-23-01-2007: Apple QuickDraw GetSrcBits32ARGB() Memory Corruption Vulnerability
http://applefun.blogspot.com/2007/01/moab-23-01-2007-apple-quickdraw.html
Announcements and discussion about the Month of Apple Bugs. Tuesday, January 23, 2007. MOAB-23-01-2007: Apple QuickDraw GetSrcBits32ARGB() Memory Corruption Vulnerability. QuickDraw is integrated in Mac OS X since very early versions, used by Quicktime and any other application that needs to handle PICT images. A vulnerability exists in the handling of ARGB records. Apple QuickDraw GetSrcBits32ARGB() Memory Corruption Vulnerability. Proof of concept: MOAB-23-01-2007.pct. And Mac OS X. MOAB-27-01-2007: Te...
applefun.blogspot.com
Apple Fun: MOAB-27-01-2007: Telestream Flip4Mac WMV Parsing Memory Corruption Vulnerability
http://applefun.blogspot.com/2007/01/moab-27-01-2007-telestream-flip4mac-wmv.html
Announcements and discussion about the Month of Apple Bugs. Saturday, January 27, 2007. MOAB-27-01-2007: Telestream Flip4Mac WMV Parsing Memory Corruption Vulnerability. Flip4Mac fails to properly handle WMV files with a crafted ASF File Properties Object size field, leading to an exploitable memory corruption condition, which can be abused remotely for arbitrary code execution. Telestream Flip4Mac WMV Parsing Memory Corruption Vulnerability. Proof of concept: MOAB-27-01-2007.wmv. MOAB-15-01-2007: Multip...
hessamx.wordpress.com
H e s s a m x | Page 2
https://hessamx.wordpress.com/page/2
A Closer Look at the Worm Mimail.A. February 18, 2007. 8220; A CLoser Look ato the Worm MiMail.A. 8221; (written by C.Hornat) is a good analysis about techniques you see used in many malware . This analysis show how these things work. Read the rest of this entry ». February 16, 2007. Read the rest of this entry ». The Science of Malware Analysis. February 15, 2007. This paper about reversing malware written by Mad guy. Malware . . . it’s all over. It has been successful in attractin...Read more …. Web ap...
applefun.blogspot.com
Apple Fun: MOAB-15-01-2007: Multiple Mac OS X Local Privilege Escalation Vulnerabilities
http://applefun.blogspot.com/2007/01/moab-15-01-2007-multiple-mac-os-x-local.html
Announcements and discussion about the Month of Apple Bugs. Monday, January 15, 2007. MOAB-15-01-2007: Multiple Mac OS X Local Privilege Escalation Vulnerabilities. Multiple binaries inside the. Thanks to Ian Silvester for donating to the project! Users in the admin group are sudoers. Wouldn't a `sudo su´ be sufficient to gain root? January 16, 2007 at 5:36 AM. This can be coupled with a remote exploit in for example, the Quicktime issue. January 16, 2007 at 5:43 AM. Month of Apple Bugs website. MOAB-24-...
blog.info-pull.com
Info-pull.com blog: AppleScript: Even easier than VBS? (I)
http://blog.info-pull.com/2007/01/applescript-even-easier-than-vbs-i.html
Tuesday, December 26, 2006. AppleScript: Even easier than VBS? After playing with the AppleScript language. For a while, it looks like an extremely useful feature of Mac OS X. Which enables interaction with mostly every application. Installed. It's extremely similar (functionality-wise) to Microsoft's Visual Basic Script. It's worth noting, that, while they weren't capable of " morphing. Such as variable name randomization, strings encoding and other tricks. Thus, the author needed to start different...