Azimuth Security: February 2013

Azimuth Security: February 2013 <body onload='MM_preloadImages('http://www.azimuthsecurity.com/images/a_02.gif','http://www.azimuthsecurity.com/images/r_02.gif','http://www.azimuthsecurity.com/images/t_02.gif','http://www.azimuthsecurity.com/images/s_02.gif')'><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d509652393303233687\x26blogName\x3dAzimuth+Security\x26publishMode\x3dPUBLISH_MODE_HOSTED\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttp://blog.azimuthsecurity.com/search\x26blogLocale\x3den\x26v\x3d2\x26homepageUrl\x3dhttp://blog.azimuthsecurity.com/\x26vt\x3d1038547295672672920', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

	project zeus

	"You will not be informed of the meaning of Project Zeus until the time is right for you to know the meaning of Project Zeus."

Archives

	Current Posts
	April 2010
	May 2010
	August 2010
	September 2012
	February 2013
	March 2013
	April 2013
	May 2013
	June 2013
	December 2013
	March 2014
	January 2015

Posts

Re-visiting the Exynos Memory Mapping Bug

From USR to SVC: Dissecting the 'evasi0n' Kernel Exploit

Re-visiting the Exynos Memory Mapping Bug

posted by Dan Rosenberg @ 2/14/2013 08:29:00 AM

On December 15, 2012, a member of the XDA Developer Forums going by the handle "alephzain" published a vulnerability affecting all Android devices using the Samsung Exynos chipset and running Android 4.0 (Ice Cream Sandwich) or greater. Affected devices include the extremely popular international variant of the Galaxy S3 (the North American version is not affected because it uses a Qualcomm chipset instead), and Exynos variants of the Galaxy S2, Galaxy Note, Galaxy Note 2, and Galaxy Tab.

Read more »

Labels: Android, Privilege Escalation, Vulnerabilities

5 comments

From USR to SVC: Dissecting the 'evasi0n' Kernel Exploit

posted by Tarjei Mandt @ 2/13/2013 08:30:00 AM

The evasi0n jailbreak leverages an impressive set of vulnerabilities that collectively enable users to fully jailbreak their iOS 6.x based device. While the user land component was an impressive feat on its own, the kernel exploit used to evade sandbox restrictions as well as code signing, holds an equally impressive array of sophisticated exploitation techniques. In this blog entry, we detail the leveraged kernel vulnerability and show how evasi0n goes to great lengths to overcome security hardenings such as kernel address space randomization and kernel address space protection.

Read more »

Labels: iOS, Jailbreak, Privilege Escalation, Vulnerabilities

5 comments

Contact