October 4th, 2009
A recent vulnerability in the Linux kernel (versions <= 2.6.32-rc1) allows the leakage of certain register contents. The x86-64 registers r8-r11 may be leaked to 32-bit unprivileged userspace applications that switch themselves into 64-bit mode.
Posted in Technical | Comments Off
September 28th, 2009
Dam Burst is a simple utility that allows an unprivileged user to disable the censorship functionality of the Green Dam Youth Escort software.
September 11th, 2009
What happens when a botnet operator decides to hold infected machines hostage and announces demands? What organization is in charge of cyber-related hostage situations? What are the trade-offs of giving in to the demands?
August 29th, 2009
In this post, we’ll look at some kernel stack information disclosures in the getname() functions of several socket AFs recently discovered in the Linux kernel.
August 10th, 2009
We just presented our PolyPack research today at the USENIX Workshop on Offensive Technologies (WOOT ’09) in Montreal, Canada. Links to the paper and presentation materials are after the jump.
July 12th, 2009
Tinychat is a sweet site that allows for simple chat, video conferencing, and screencasting. In this post, I’ll detail how to hijack Tinychat screencasts by injecting images of your own.
June 30th, 2009
Some information about a trojaned ssh client and sshd server discovered in a recent compromise. I didn’t find any details on this particular OpenSSH backdoor via Google, so hopefully this information will be of use to anyone who runs into it on their boxes.
April 20th, 2009
A recent bug found by Sebastian Krahmer in udev has considerable security impact across a wide range of Linux distributions.
April 15th, 2009
A bit of information on Panera Bread’s gift card security, or lack thereof.
March 25th, 2009
Previously we looked at creating ICMP echo requests, parsing a PCAP file, and doing DNS spoofing with the dpkt framework. Today I will show how to parse the AS paths of BGP messages out of MRT routing dumps.