Mac OS X

Sparklabs Viscosity Python Exec Local Privilege Escalation Exploit

The setuid-set ViscosityHelper binary insecurely executes certain scripts and can be exploited to gain escalated privileges via symlink attacks.

Oracle Java Beans Statement Remote Code Execution Exploit Update

An AccessControlContext attribute in the java.beans.Statement class of Oracle Java can be overwritten by unprivileged applets by using specially crafted Java Beans Expressions and Statements, even when the AccessControlContext attribute is declared as final. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user. WARNING: This is an early release module. This is not the final version of this module.

Oracle Java Beans Statement Remote Code Execution Exploit

An AccessControlContext attribute in the java.beans.Statement class of Oracle Java can be overwritten by unprivileged applets by using specially crafted Java Beans Expressions and Statements, even when the AccessControlContext attribute is declared as final. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user. WARNING: This is an early release module. This is not the final version of this module.

Traq Command Injection Exploit

Traq is vulnerable to an authentication bypass vulnerability, this module exploits this vulnerability in order to install a plugin hook to ultimately install an agent in the target host.

Safari File Policy Exploit

A policy issue existed in Apple Safari before 5.1 when handling of file:// URLs.

Phpldapadmin orderby Remote Code Execution Exploit

Input passed to the "orderby" parameter in cmd.php (when "cmd" is set to "query_engine", "query" is set to "none", and "search" is set to e.g. "1") is not properly sanitised in lib/functions.php before being used in a "create_function()" function call. This can be exploited to inject and execute arbitrary PHP code.

PhpMyAdmin Unserialize Remote Code Execution Exploit Update

phpMyAdmin is vulnerable to a remote code execution due the use of the unserialize method on user supplied data. This data is written in the config file and is accessible from the internet by default. This update adds support for Solaris and Mac OS X.

Oracle GlassFish Server Administration Console Authentication Bypass Remote Code Execution Exploit Update

The Administration Console of Oracle GlassFish Server is prone to an authentication bypass vulnerability, which can be achieved by performing HTTP TRACE requests. A remote unauthenticated attacker can exploit this in order to execute arbitrary code on the vulnerable server. This update adds support for Solaris platforms.