Subscribe via feed.
Archive for May, 2015

Apple Security Advisory 2015-04-08-2

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-04-08-2 – OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address privilege escalation, code execution, information disclosure, and various other vulnerabilities.

Tags: , ,

Apple Security Advisory 2015-04-08-3

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-04-08-3 – iOS 8.3 is now available and addresses code execution, access restriction, information disclosure, and various other vulnerabilities.

Tags: , ,

Apple Security Advisory 2015-04-08-4

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-04-08-4 – Apple TV 7.2 is now available and addresses information disclosure, code execution, memory disclosure, and various other vulnerabilities.

Tags: , ,

Apple Security Advisory 2015-04-08-5

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-04-08-5 – Xcode 6.3 is now available and addresses stack guard bypass and an issue where Swift programs performing certain type conversions may receive unexpected values.

Tags: , ,

Mac OS X Rootpipe Privilege Escalation

Posted by deepcore under Apple (No Respond)

This Metasploit module exploits a hidden backdoor API in Apple’s Admin framework on Mac OS X to escalate privileges to root, dubbed Rootpipe. Tested on Yosemite 10.10.2 and should work on previous versions. The patch for this issue was not backported to older releases. Note: you must run this exploit as an admin user to […]

Tags: , ,

Zed Attack Proxy 2.4.0 Mac OS X Release

Posted by deepcore under Apple (No Respond)

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners […]

Tags: , ,

Mac OS X Local Denial Of Service

Posted by deepcore under Apple (No Respond)

Local denial of service exploit for Mac OS X kernel versions prior to 10.10.3.

Tags: , ,

Apple iOS 8.0.2 Authentication Bypass

Posted by deepcore under Apple (No Respond)

Apple IOS versions 8.0 through 8.0.2 suffer from a lock bypass vulnerability.

Tags: , ,

Apple Security Advisory 2015-05-06-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-05-06-1 – Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 are now available and address memory corruption, information compromise, and unauthorized access vulnerabilities.

Tags: , ,

Wireless Photo Transfer 3.0 Local File Include

Posted by deepcore under Apple (No Respond)

The Vulnerability Laboratory Research Team discovered a local file include vulnerability in the official Wireless Photo Transfer Mobile version 3.0 iOS application.

Tags: , ,