Mac OS X Rootpipe Privilege Escalation

Posted by deepcore under Apple (No Respond)

This Metasploit module exploits a hidden backdoor API in Apple’s Admin framework on Mac OS X to escalate privileges to root, dubbed Rootpipe. Tested on Yosemite 10.10.2 and should work on previous versions. The patch for this issue was not backported to older releases. Note: you must run this exploit as an admin user to […]

Zed Attack Proxy 2.4.0 Mac OS X Release

Posted by deepcore under Apple (No Respond)

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners […]

Mac OS X Local Denial Of Service

Posted by deepcore under Apple (No Respond)

Local denial of service exploit for Mac OS X kernel versions prior to 10.10.3.

Apple iOS 8.0.2 Authentication Bypass

Posted by deepcore under Apple (No Respond)

Apple iOS versions 8.0 through 8.0.2 suffer from a lock bypass vulnerability.

Apple Security Advisory 2015-05-06-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-05-06-1 – Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 are now available and address memory corruption, information compromise, and unauthorized access vulnerabilities.

Wireless Photo Transfer 3.0 Local File Include

Posted by deepcore under Apple (No Respond)

The Vulnerability Laboratory Research Team discovered a local file include vulnerability in the official Wireless Photo Transfer Mobile version 3.0 iOS application.

Apple Security Advisory 2015-05-19-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-05-19-1 – Watch OS 1.0.1 is now available and addresses certificate issues, arbitrary code execution, XML external entity, and various other vulnerabilities.

HiDisk 2.4 XSS

Posted by deepcore under Apple (No Respond)

The Vulnerability Laboratory Core Research Team discovered an application-side input validation vulnerability that leads to cross-site scripting in the HiDisk version 2.4 iOS mobile application.

Apple Security Advisory 2015-05-19-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-05-19-1 for Watch OS version 1.0.1.
