Showing 1 - 7 of 7

Files Date: 2020-08-14

Safari Webkit For iOS 7.1.2 JIT Optimization Bug: Posted Aug 14, 2020; Authored by timwr, Ian Beer, kudima, WanderingGlitch | Site metasploit.com; This Metasploit module exploits a JIT optimization bug in Safari Webkit. This allows us to write shellcode to an RWX memory section in JavaScriptCore and execute it. The shellcode contains a kernel exploit (CVE-2016-4669) that obtains kernel rw, obtains root and disables code signing. Finally we download and execute the meterpreter payload. This module has been tested against iOS 7.1.2 on an iPhone 4.; tags | exploit, kernel, root, shellcode; systems | apple, iphone, ios; advisories | CVE-2016-4669, CVE-2018-4162; SHA-256 | 8ca4b125e9aba514f4d2bd3c12b5189f4dceafcaab577262cc602a11c87480fb; Download | Favorite | View

Ubuntu Security Notice USN-4459-1: Posted Aug 14, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4459-1 - It was discovered that Salt allows remote attackers to determine which files exist on the server. An attacker could use that to extract sensitive information. It was discovered that Salt has a vulnerability that allows an user to bypass authentication. An attacker could use that to extract sensitive information, execute arbitrary code or crash the server. It was discovered that Salt is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host. Various other issues were also addressed.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2018-15750, CVE-2018-15751, CVE-2019-17361, CVE-2020-11652; SHA-256 | 554a555f7c9f85d9a4dada2c6804fc228f4388887cd01c661baad5b75fd51e4d; Download | Favorite | View

WordPress Sell Photo 1.0.5 Cross Site Scripting: Posted Aug 14, 2020; Authored by Melbin K Mathew; WordPress Sell Photo plugin version 1.0.5 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 9cd8857460b66eb62b573f53d83267eb527499cb66169c1bffa1aaf50e323281; Download | Favorite | View

Mikrotik RouterOS NULL Pointer Dereference / Reachable Assertion Failure: Posted Aug 14, 2020; Authored by Qian Chen; Mikrotik RouterOS suffers from null pointer dereference and reachable assertion failure vulnerabilities.; tags | advisory, vulnerability; SHA-256 | 2df20ffb503d40f9cb6c783de8944c6f8ddb31e97c0d49da69d0f06ea89a0ad1; Download | Favorite | View

WebKit On iOS PAC / JIT Hardening Bypass: Posted Aug 14, 2020; Authored by saelo, Google Security Research; A PAC and JIT hardening bypass exists in WebKit on iOS.; tags | advisory; systems | ios; advisories | CVE-2020-9910; SHA-256 | 7e43df27a79d01df906491c3fa75f5b9b076ed4934270a40b2e9bf12e7d1271c; Download | Favorite | View

Android App Zygotes Improper Guarding: Posted Aug 14, 2020; Authored by Jann Horn, Google Security Research; On Android, app zygotes do not properly guard against UID reuse attacks, leak AID_READPROC, and expose mlstrustedsubject.; tags | exploit; advisories | CVE-2020-0258; SHA-256 | 259e249f92035fcc7a0f05456a83799f739c985a9863269f49049822d3dfa37f; Download | Favorite | View

Artica Proxy 4.3.0 Authentication Bypass: Posted Aug 14, 2020; Authored by Dan Duffy; Artica Proxy version 4.3.0 suffers from an authentication bypass vulnerability.; tags | exploit, bypass; advisories | CVE-2020-17506; SHA-256 | 3e28e53946121e8684f361f5280160ec92df78ad5b81e77ea2d01f9f26a906d1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days