Showing 1 - 9 of 9

CVE-2018-4237

Status Candidate

Overview

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logic error.

Related Files

Mac OS X libxpc MITM Privilege Escalation: Posted Nov 28, 2018; Authored by saelo | Site metasploit.com; This Metasploit module exploits a vulnerability in libxpc on macOS versions 10.13.3 and below. The task_set_special_port API allows callers to overwrite their bootstrap port, which is used to communicate with launchd. This port is inherited across forks: child processes will use the same bootstrap port as the parent. By overwriting the bootstrap port and forking a child processes, we can now gain a MitM position between our child and launchd. To gain root we target the sudo binary and intercept its communication with opendirectoryd, which is used by sudo to verify credentials. We modify the replies from opendirectoryd to make it look like our password was valid.; tags | exploit, root; advisories | CVE-2018-4237; SHA-256 | d81c090e142679481756278a6bfdf34affd2552062d989fcb8bd5743ab2960b1; Download | Favorite | View

Apple Security Advisory 2018-7-23-5: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-5 - watchOS 4.3.1 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4192, CVE-2018-4198, CVE-2018-4201, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383; SHA-256 | b2ef5d97a0dd4510c8d65950bb3a0565483a6e3af0f1fedf4e319f255c891d27; Download | Favorite | View

Apple Security Advisory 2018-7-23-3: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-3 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | cisco, apple, ios; advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241; SHA-256 | 857fee29a90629f33ba85af6600e36de596f303b9de4fc96e0cc80eb90fae597; Download | Favorite | View

Apple Security Advisory 2018-7-23-4: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-4 - tvOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383; SHA-256 | 414e2fd1f058460610b6e631ce22a9620407a86f8b5f4823842f21a210f09bda; Download | Favorite | View

Apple Security Advisory 2018-7-23-2: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-2 - 2018-003 Sierra, Security Update 2018-003 El Capitan addresses buffer overflow, code execution, denial of service, and information leakage vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4141, CVE-2018-4159, CVE-2018-4171, CVE-2018-4184, CVE-2018-4193, CVE-2018-4196, CVE-2018-4198, CVE-2018-4202, CVE-2018-4211, CVE-2018-4219, CVE-2018-4221, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4228, CVE-2018-4229, CVE-2018-4230, CVE-2018-4234, CVE-2018-4235, CVE-2018-4236, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4242, CVE-2018-4243, CVE-2018-4249; SHA-256 | 40ab18846fd839375f4ed6a0867906b19120c108c6f84988f596010072b08773; Download | Favorite | View

Apple Security Advisory 2018-06-01-6: Posted Jun 4, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-06-01-6 - tvOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249; SHA-256 | cf297a1d1709f69c63008abd53a5bad99c4a8a4734712409cc14a7f48ecae560; Download | Favorite | View

Apple Security Advisory 2018-06-01-5: Posted Jun 4, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-06-01-5 - watchOS 4.3.1 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4192, CVE-2018-4198, CVE-2018-4201, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249; SHA-256 | 186ed96a050a6056a4439f90e0a88652005680ecf9733a2595a9efc7d2127d3e; Download | Favorite | View

Apple Security Advisory 2018-06-01-4: Posted Jun 4, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-06-01-4 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | cisco, apple; advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241; SHA-256 | 235011f8d40f10f6eefc42756667cf9730b9b7549ad68a89cec4884cef6a0e64; Download | Favorite | View

Apple Security Advisory 2018-06-01-1: Posted Jun 1, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-06-01-1 - macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and Security Update 2018-003 El Capitan are now available and address buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4141, CVE-2018-4159, CVE-2018-4171, CVE-2018-4184, CVE-2018-4193, CVE-2018-4196, CVE-2018-4198, CVE-2018-4202, CVE-2018-4211, CVE-2018-4219, CVE-2018-4221, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4228, CVE-2018-4229, CVE-2018-4230, CVE-2018-4234, CVE-2018-4235, CVE-2018-4236, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4242, CVE-2018-4243, CVE-2018-4249; SHA-256 | f1c1097a0f35ab083639ce62b1aa2c922ca19a9a848c0a4f9871446a85fed753; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2018-4237

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems