Archive for March, 2016
Posted by deepcore under Security (No Respond)
[dos] – Linux Kernel – Wacom Multiple Nullpointer Dereferences
Posted by deepcore under Security (No Respond)
Yahoo Bug Bounty #37 – Sender Spoofing Vulnerability
Posted by deepcore under exploit (No Respond)
An independent vulnerability laboratory researcher discovered a mail spoofing vulnerability in the official Yahoo classic online service web-application.
Apple iOS v9.2.1 – Multiple PassCode Bypass Vulnerabilities
The vulnerability laboratory research team discovered multiple connected passcode protection bypass vulnerabilities in iOS v9.0, v9.1 and v9.2.1 for the Apple iPhone (5, 5s, 6 & 6s) and the iPad (mini, 1 & 2).
[local] – McAfee VirusScan Enterprise 8.8 – Security Restrictions Bypass
Posted by deepcore under Security (No Respond)
[webapps] – ATutor LMS install_modules.php CSRF Remote Code Execution Vulnerability
Posted by deepcore under Security (No Respond)
[local] – Microsoft Windows – AFD.SYS Privilege Escalation (MS14-040) Win7x64
Posted by deepcore under Security (No Respond)
[papers] – Metaphor – A (real) real-life Stagefright exploit
Posted by deepcore under Security (No Respond)
WAGO IO PLC 758-870 / 750-849 Credential Management / Privilege Separation
Posted by deepcore under exploit (No Respond)
WAGO IO PLC versions 758-870 and 750-849 suffer from weak credential management, lack of privilege separation, insecure FTP configuration, and weak filesystem permissions.
Schneider Electric Building Operation Automation Server 1.6.1.5000 Escalation / Command Execution
Posted by deepcore under exploit (No Respond)
Schneider Electric Building Operation Automation Server version 1.6.1.5000 suffers from OS command injection, weak credential management, and privilege escalation vulnerabilities.