pl
en
Sometimes you can find really cool vulnerabilities – all http and smtp pre-authentication server vulnerabilities belong to this group definitively. The same class includes all vulnerabilities in popular network sniffers like Wireshark to name a few. After all how cool can be to break whole organization security thanks to vulnerable sniffer run by security department just before weekend starts. Also take a look at hoagie_openssl_record_of_death.c exploit for CVE-2010-0740 vulnerability. Can be useful as a base for further OpenSSL exploits.
Archive
Return to 2010-07-30
Blog
Binding read() with |
Wireshark 0.8.20-1.2
| Speedup your (Python