Message-ID: <3FA0B565.6040009@security-gui.de>
From: security at security-gui.de (Kai Kretschmann)
Subject: remotely triggered program execution on MacOS-X Jaguar

Problem: remotely triggered program execution on MacOS-X Jaguar

While surfing with the Mac version of IE 5.2 we reached an IIS-driven
webserver.
One download link ending with ".asp" saved the link as a local ".asp" file
and started the local program "AppleSystemProfiler", which seemed to be
trying to read the data.

I think it might be possible to force this behavior by targeting the Mac
user community to one download link ending with .asp and modifying the
file in such a way that the SystemProfiler might run any heap/stack/buffer
overflow.

Anyone tried it already?
--
Kai Kretschmann
www.security-gui.de

