:: Deepquest ::

Last Updated on October 3, 2015 by deepcore The default root-suid binary /usr/bin/rsh on Mac OS X uses execv() in an insecure manner. /usr/bin/rsh will invoke /usr/bin/rlogin if launched with only a host argument, without dropping privileges or clearing the environment. This exploit will pass “MallocLogFile” to /usr/bin/rsh, which is then passed on to rlogin […]

Last Updated on October 2, 2015 by deepcore Proof of concept code that demonstrates a path traversal vulnerability in ElasticSearch that allows for arbitrary file disclosure.

Last Updated on October 2, 2015 by deepcore MakeSFX.exe version 1.44 suffers from stack-based buffer overflow vulnerability.

Last Updated on October 2, 2015 by deepcore The SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Small Office Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.

Last Updated on October 2, 2015 by deepcore The SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Total Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.

Last Updated on October 2, 2015 by deepcore The SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Internet Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.

Last Updated on October 2, 2015 by deepcore The SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Anti-Virus software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.

Last Updated on October 2, 2015 by deepcore The SySS GmbH found out that the admin password for protecting different functions of the Kaspersky Endpoint Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.

Last Updated on October 2, 2015 by deepcore This archive contains 191 exploits that were added to Packet Storm in September, 2015.

Last Updated on October 2, 2015 by deepcore Apple Security Advisory 2015-09-30-01 – iOS 9.0.2 is now available and addresses a lock screen vulnerability.