Feb 16 18

tuxOh no! google engineers discovered a stack-based buffer overflow vulnerability in the getaddrinfo() library function in the DNS resolver, shipped with glibc versions since 2.9, which may allow a remote attacker to execute arbitrary code.

written by d45id \\ tags: , , , , , ,

Feb 16 11

Engineers from exodus intelligence demonstrated an awesome undocumented feature in Cisco Adaptive Security Appliance (ASA), remote code execution via UDP. This feature is implemented in the Cisco IKE feature set. The algorithm for re-assembling IKE payloads fragmented with the Cisco fragmentation protocol contains a bounds-checking flaw that allows a heap buffer to be overflowed with attacker-controlled data.

Find out more:

written by d45id \\ tags: , , , , , , ,

Sep 15 28

written by d45id \\ tags: , , ,

Sep 15 25

After a successfull exploit on ESET’s antivirus scanner NOD32 and Kaspersky’s engine now googles security expert taviso has found a new critical bug in avast! antivirus scanner with which a system call could be done.
AvastUI-load-calc

 

Now everybody wonders who will be the next, Trend Micro, Intel (formerly known as McAfee) or somebody else ?

written by d45id \\ tags: , , , , , , ,

Aug 15 04

DYLD_PRINT_TO_FILEOh no, only a couple of days after OS X  a privilege escalation vulnerability in OS X 10.10 was discovered a researcher at Malwarebytes spot a new adware installer that uses DYLD_PRINT_TO_FILE exploit.

What you can do?

  • wait until Apple released a security update while you get p0wned
  • install SUIDGuard – A kernel extension adding mitigations to protect SUID/SGID binaries

written by d45id \\ tags: , , , , ,

Aug 15 03

Kovah, who discovered with his partners a lot of firmware vulnerabilities in Macs  last year has now designed with Trammell Hudson, a security engineer a worm they dubbed Thunderstrike 2 that can spread between MacBooks undetected.

[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware

Find out more at BlackHat & DefCon or read an amazing article @wired

written by d45id \\ tags: , , , , , , , ,

Jul 15 28

Full disclosure at BlackHat 2015!

stagefrightStagefright’ it gets the title of ‘Mother of all Android Vulnerabilities’, as it impacts 95% of all Android devices out there and do not require any interaction with the victim.

The cause of the problem appears to be a memory error in the processing of MPEG4 and 3GPP video files.

written by d45id \\ tags: , , , , , ,

Jul 15 25

In this paper we [Daniel Gruss, Clémentine Maurice, Stefan Mangard] present Rowhammer.js, a JavaScript-based implementation of the Rowhammer attack. Our attack uses an eviction strategy found by a generic algorithm that improves the eviction rate compared to existing eviction strategies from 95.2% to 99.99%. Rowhammer.js is the first remote software-induced hardware-fault attack. In contrast to other fault attacks it does not require physical access to the machine, or the execution of native code or access to special instructions. As JavaScript-based fault attacks can be performed on millions of users stealthily and simultaneously, we propose countermeasures that can be implemented immediately.

written by d45id \\ tags: , , ,