Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-24 Thread Jose Miguel Esparza
Robert Święcki wrote: On Fri, Aug 6, 2010 at 10:14 AM, Jose Miguel Esparza josemiguel.espa...@gmail.com wrote: Hi! I took a look at the PDF some days ago, looking for the PDF vuln, you can see my post about it here: http://eternal-todo.com/blog/jailbreakme-pdf-exploit Anyway,

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-06 Thread Jose Miguel Esparza
Barnaba (void) v...@openssl.it Cc: full-disclosure@lists.grok.org.uk Sent: Wednesday, August 4, 2010 1:56:47 PM GMT -05:00 US/Canada Eastern Subject: Re: [Full-disclosure] On the iPhone PDF and kernel exploit I believe Jailbreakme.com is just resurfacing, as it used to be used back

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-06 Thread Robert Święcki
On Fri, Aug 6, 2010 at 10:14 AM, Jose Miguel Esparza josemiguel.espa...@gmail.com wrote: Hi! I took a look at the PDF some days ago, looking for the PDF vuln, you can see my post about it here: http://eternal-todo.com/blog/jailbreakme-pdf-exploit Anyway, I continue analysing it... At

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-06 Thread Jose Miguel Esparza
Robert Święcki wrote: "At the moment there's no available patch so it's recommended some type of mitigation and to be careful with the visited links" The fix seems to be here:

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-05 Thread Ryan Sears
...@openssl.it Cc: full-disclosure@lists.grok.org.uk Sent: Wednesday, August 4, 2010 1:56:47 PM GMT -05:00 US/Canada Eastern Subject: Re: [Full-disclosure] On the iPhone PDF and kernel exploit I believe Jailbreakme.com is just resurfacing, as it used to be used back in the days of the first gen iPhone also

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-05 Thread Sabahattin Gucukoglu
On 5 Aug 2010, at 10:13, Ryan Sears wrote: Well I'm no expert but I'm going to see if I can reverse engineer the PDFs used for jailbreaking (obviously I'd need an ARM assembly book or someone who knows it :-P) and figure out exactly what they're doing. I agree with what was said earlier, I'm not

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-05 Thread Mario Vilas
http://jailbreakme.com/_/ gives me a 404 Not Found error. There were a few vulnerabilities in lighttpd related to the %00 character but after googling a while I couldn't find this particular one. I guess it's worth reporting if this still works in the current version (1.5.0). On Thu, Aug 5,

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-05 Thread Sagar Belure
On Thu, Aug 5, 2010 at 2:43 PM, Ryan Sears rdse...@mtu.edu wrote: Well I'm no expert but I'm going to see if I can reverse engineer the PDFs used for jailbreaking (obviously I'd need an ARM assembly book or someone who knows it :-P) and figure out exactly what they're doing. I agree with what was

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-05 Thread Benji
.. surely if this was the index of the webroot we'd see faq.html etc.? Are we sure that this isn't in fact a purpose-made folder? On Thu, Aug 5, 2010 at 11:59 AM, Mario Vilas mvi...@gmail.com wrote: http://jailbreakme.com/_/ gives me a 404 Not Found error. There were a few vulnerabilities in

[Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-04 Thread Marcello Barnaba (void)
For the first time in my life, a 0-day exploiting remote code execution, sandbox escaping and privilege escalation has been packaged for general user consumption via a web site ( http://jailbreakme.com ). The actual pdf exploit can be downloaded here: http://jailbreakme.com/_/. What puzzles me

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-04 Thread Zach C
According to some of comex's tweets, the exploits he used are public; I also saw one person on Slashdot explain that root was granted via an IOSurface allocation error, while other sources claim part of the Spirit jailbreak was reused in Star. And then, of course, is the PDF exploit (that

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-04 Thread Marcello Barnaba (void)
On Aug 4, 2010, at 7:56 PM, Pablo Ximenes wrote: I believe Jailbreakme.com is just resurfacing, as it used to be used back in the days of the first gen iPhone also for jailbreaking. So, it's not exactly the first time this is happening. Yep, but the attack surface was more wide open at the

Re: [Full-disclosure] On the iPhone PDF and kernel exploit

2010-08-04 Thread Pablo Ximenes
I believe Jailbreakme.com is just REsurfacing,as it used to be used back in the days of the first gen iPhone also for jailbreaking. So, it's not excatly the first time this is happening. []'s Pablo Ximenes (aka brasuco) 2010/8/4 Marcello Barnaba (void) v...@openssl.it For the first time in