>> TAG: #ios

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a…

Disconnect.me versions 2.0 and below suffer from a local privilege escalation vulnerability on Mac OS X.

34 bytes small NULL byte free OS X x64 /bin/sh shellcode.

The Vulnerability Laboratory Core Research Team discovered a restriction filter bypass in the official PayPal Inc Mobile API for Apple iOS.

This Metasploit module exploits the rootpipe vulnerability and bypasses Apple’s initial fix for the issue by injecting code into a process with the ‘admin.writeconfig’ entitlement.

Apple Security Advisory 2015-08-20-1 – QuickTime 7.7.8 is now available and addresses arbitrary code execution and memory corruption issues.

Apple Security Advisory 2015-08-13-1 – Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and addresses interface spoofing, arbitrary code execution, and various other vulnerabilities.

Apple Security Advisory 2015-08-13-2 – OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIController, and more.

Apple Security Advisory 2015-08-13-3 – iOS 8.4.1 is now available and addresses vulnerabilities in the afc command, AirTraffic, symlinks, and more.

Apple Security Advisory 2015-08-13-4 – OS X Server v4.1.5 is now available and addresses a BIND related denial of service vulnerability.