Outer Web | Explore

Explore >> Select a destination

You are here		scarybeastsecurity.blogspot.com Security: [0day] [exploit] Advancing exploitation: a scriptless 0day exploit against Linux desktops
\|	\|	landave.io 7-Zip: From Uninitialized Memory to Remote Code Execution \| landave's blog	12.9 parsecs away Travel
\|	\|	Blog about anti-virus software vulnerabilities.	12.9 parsecs away Travel
\|	\|	www.ambionics.io Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1)	11.8 parsecs away Travel
\|	\|	A few months ago, I stumbled upon a 24 years old buffer overflow in the glibc, the base library for linux programs. Despite being reachable in multiple well-known libraries or executables, it proved rarely exploitable - while it didn't provide much leeway, it required hard-to-achieve preconditions. Looking for targets lead mainly to disappointment. On PHP however, the bug shone, and proved useful in exploiting its engine in two different ways.	11.8 parsecs away Travel
\|	\|	www.ambionics.io Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 2)	12.4 parsecs away Travel
\|	\|	In this blog post, we will explore a new way of exploiting the vulnerability on PHP, using direct calls to iconv(), and illustrate the vulnerability by targeting Roundcube, a popular PHP webmail.	12.4 parsecs away Travel
\|	\|	blog.phylum.io Q2 2024 Evolution of Software Supply Chain Security Report	88.7 parsecs away Travel
\|		Headed to Black Hat USA? Come talk to Phylum! Software supply chains are complicated. In this complicated web of globally distributed software, attackers can lie in wait, releasing malicious software libraries to unsuspecting developers and organizations. It is prohibitively difficult to manually scan and analyze every package a given organization	88.7 parsecs away Travel