Subscribe via feed.
Archive for October, 2015

[dos] – Samsung seiren Kernel Driver Buffer Overflow

Posted by deepcore under Security (No Respond)

Samsung seiren Kernel Driver Buffer Overflow

Tags: ,

[dos] – Samsung m2m1shot Kernel Driver Buffer Overflow

Posted by deepcore under Security (No Respond)

Samsung m2m1shot Kernel Driver Buffer Overflow

Tags: ,

[dos] – Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw

Posted by deepcore under Security (No Respond)

Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw

Tags: ,

[dos] – Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness

Posted by deepcore under Security (No Respond)

Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness

Tags: ,

[webapps] – JIRA and HipChat for JIRA Plugin Velocity Template Injection Vulnerability

Posted by deepcore under Security (No Respond)

JIRA and HipChat for JIRA Plugin Velocity Template Injection Vulnerability

Tags: ,

Mac OS X 10.9.5 / 10.10.5 rsh/libmalloc Privilege Escalation

Posted by deepcore under Apple (No Respond)

This Metasploit module writes to the sudoers file without root access by exploiting rsh and malloc log files. Makes sudo require no password, giving access to su even if root is disabled. Works on OS X 10.9.5 to 10.10.5 (patched on 10.11).

Tags: , ,

[dos] – Win10Pcap – Local Privilege Escalation Vulnerability

Posted by deepcore under Security (No Respond)

Win10Pcap – Local Privilege Escalation Vulnerability

Tags: ,

[local] – Mac OS X 10.9.5 / 10.10.5 – rsh/libmalloc Privilege Escalation

Posted by deepcore under Security (No Respond)

Mac OS X 10.9.5 / 10.10.5 – rsh/libmalloc Privilege Escalation

Tags: ,

[remote] – Th3 MMA mma.php Backdoor Arbitrary File Upload

Posted by deepcore under Security (No Respond)

Th3 MMA mma.php Backdoor Arbitrary File Upload

Tags: ,

[remote] – Safari User-Assisted Applescript Exec Attack

Posted by deepcore under Security (No Respond)

Safari User-Assisted Applescript Exec Attack

Tags: ,