Netragard's SNOsoft Research Team discovered two critical vulnerabilities in the OpenBase SQL Relational Database that can lead to full system compromise.The first vulnerability discovered is a command injection vulnerability that affects several of the default Stored Procedures. Specifically, it is possible to execute system commands as the root user by inserting a series of backticks into the pre-defined Stored Procedures.The second vulnerability discovered in Buffer Overflow that causes heap corruption. This also has the potential to lead to the execution of arbitrary code or a Denial of Service condition.Click here for the full advisory.Netragard, LLC. -- The Specialist in Anti Hacking.
Apple patched two issues in Xcode Tools 2.5 on Tuesday, including one flaw that could allow remote code execution. Apple credited researcher Kevin Finisterre of Netragard for reporting both issues. Read the full article here.Netragard, LLC. -- The Specialist in Anti Hacking.