:: Deepquest ::

Apple Security Advisory 2013-03-04-1 – Multiple vulnerabilities existed in Java 1.6.0_41, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox, have been addressed.

This Metasploit module exploits a vulnerability in Tunnelblick 3.2.8 on Mac OS X. The vulnerability exists in the setuid openvpnstart, where an insufficient validation of path names allows execution of arbitrary shell scripts as root. This Metasploit module has been tested successfully on Tunnelblick 3.2.8 build 2891.3099 over Mac OS X 10.7.5.

Air Disk Wireless version 1.9 for iPad and iPhone suffers from local file inclusion and command injection vulnerabilities.

VMWare OVF Tools Format String Vulnerability

Apple Security Advisory 2013-02-04-1 – OS X Server version 2.2.1 is now available and addresses security issues in Profile Manager and Wiki Server.

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

Apple QuickTime Player Windows version 7.7.3 suffers from an out of bounds read vulnerability.

Secunia Security Advisory – Apple has acknowledged a vulnerability in Apple TV, which can be exploited by malicious people to compromise a user’s device.

MIA chimes in on Australia's immigration policy ahead of Summadayze … The Australian Perhaps she'll have to Wikileak the album online, in the spirit of her 2010 ViCKi LEEKX mixtape, inspired by Australian activist, Julian Assange.

New Straits Times The danger of the Internet is that it is unforgiving New Straits Times But Julian Assange, that Wikileak fellow now languishing in virtual imprisonment in the Ecuadorian embassy has given it a sinister take: “The penetration of the Stasi in East Germany is reported to be up to 10 per cent of the population — one in 10 at …