:: Deepquest ::

A brief write up discussing disclosure of internal IPs and hostnames from Apple bots leveraging Via and X-Forwarded-For headers.

Apple Security Advisory 2020-09-24-1 – macOS Catalina 10.15.6 Supplemental Update, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave are now available and address code execution and out of bounds read vulnerabilities.

Apple Security Advisory 2020-09-16-1 – iOS 14.0 and iPadOS 14.0 are now available and address code execution, cross site scripting, out of bounds read, and out of bounds write vulnerabilities.

Apple Security Advisory 2020-09-16-3 – Safari 14.0 is now available and addresses code execution, cross site scripting, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2020-09-16-2 – tvOS 14.0 is now available and addresses cross site scripting vulnerabilities.

Apple Security Advisory 2020-09-16-4 – watchOS 7.0 is now available and addresses cross site scripting vulnerabilities.

Apple Security Advisory 2020-09-16-5 – Xcode 12.0 is now available and addresses a code execution vulnerability.

Apple Security Advisory 2020-07-15-1 – iOS 13.6 and iPadOS 13.6 are now available and address buffer overflow, bypass, code execution, cross site scripting, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2020-07-15-2 – macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra are now available and address buffer overflow, code execution, denial of service, out of bounds read, and out of bounds write vulnerabilities.

Apple Security Advisory 2020-07-15-4 – watchOS 6.2.8 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, out of bounds write, and use-after-free vulnerabilities.