Mac OS X

Blender Embedded Script Exploit

This module abuses the scripting functionality in Blender to trigger remote code execution via a Blender file with an embedded Python script.

ISC BIND Dynamic Update Message DoS Exploit

A vulnerability has been identified in ISC BIND that remote attackers could exploit to cause a denial of service. The "dns_db_findrdataset()" function fails when the prerequisite section of a dynamic update message contains a record of type "ANY" and at least one RRset for this FQDN exists on the server. A specially crafted dynamic update message sent to a zone for which the server is the master can therefore cause a vulnerable server to exit.

VMware Fusion Privilege Escalation Exploit

This module exploits a privilege escalation vulnerability in VMware Fusion. WARNING: This is an early release module. This is not the final version of this module. It is a pre-release version, delivered as quickly as possible to our customers because it may be useful in some situations. Since this module is not the final version, it may contain bugs or have limited functionality and may not have complete or accurate documentation.

JOnAS Remote Command Injection Exploit

This module exploits an XSS vulnerability in JOnAS which allows IMPACT Pro to perform remote command injection by impersonating an administrator and uploading a plugin to the JOnAS server. This module runs a web server waiting for a JOnAS administrator to connect to it. When the client connects, it will retrieve their JOnAS cookie and try to install an agent on the JOnAS server by installing a custom plugin in JOnAS.

Mozilla Firefox Memory Corruption Exploit Update

This module exploits a vulnerability in Mozilla Firefox 3.5 and installs an agent on the target machine. This update adds support for Mac OS X.

Sun Java Calendar Deserialization Exploit

This module exploits a deserialization bug in several Java Runtime Environments.

Openfire Remote Command Injection Exploit

This module exploits a Reflected Cross-Site Scripting vulnerability in Openfire to install an agent.

Mac OS X smcFanControl Local Privilege Escalation Exploit

This module exploits a buffer overflow vulnerability in smcFanControl on Apple Mac OS X 10.4.x when the software is installed with setuid root. An attacker can exploit this vulnerability to obtain root privileges.

Apple CUPS HP-GL2 filter Remote Code Execution Exploit

This module exploits a specific flaw in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and pen color opcodes results in an arbitrary memory overwrite, allowing for the execution of arbitrary code as the "hgltops" process uid.

Mac OS X pppd Plugin Loading Privilege Escalation Exploit

The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.