-
Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: https://www.openwall.com/lists/oss-security/2020/01/28/3 … PS: "Did you ever play tic-tac-toe?"
-
Qualys Security Advisory Team: Local Privilege Escalation in OpenBSD's loader (ld.so, CVE-2019-19726). Getting root on default install (i386/amd64), by tweaking the environment variables. Exploit and more details at: https://openwall.com/lists/oss-security/2019/12/11/9 …
-
Qualys Security Advisory: Authentication vulnerabilities in OpenBSD's auth system (CVE-2019-19521). LPE on default install via xlock (CVE-2019-19520) and su (CVE-2019-19519). Local root if S/Key or yubikey is enabled (CVE-2019-19522). More details at https://www.openwall.com/lists/oss-security/2019/12/04/5 …
-
Qualys Security Advisory Team: "The return of the WIZard", now the full advisory (CVE-2019-10149) is available at https://www.openwall.com/lists/oss-security/2019/06/06/1 … …
-
Qualys Security Advisory Team: "The return of the WIZard" (CVE-2019-10149). Instant LPE in Exim (4.87 to 4.91). Seven days to trigger a RCE. No memory corruption or ROP involved. Bypass NX/ASLR/SSP/PIE/full RELRO/etc. Architecture independent. More at https://www.openwall.com/lists/oss-security/2019/06/05/4 …
-
More details given here: https://www.openwall.com/lists/oss-security/2019/05/10/4 …
-
If your distribution is pretty close to the ones mentioned above, you might want to edit target.c and change the md5sum to give it a shot. It should take, as the advisory says, about 10min on i386 and 70+min on amd64, with quite a big variance.
-
Qualys Security Advisory Team: "System Down" (systemd-journald) exploit for CVE-2018-16865 and CVE-2018-16866 is released. It should work at least on Debian Stretch (i386/amd64), Ubuntu 18.04.1 (amd64) and CentOS 7.5 (amd64). More at https://www.qualys.com/2019/05/09/system-down/system-down.tar.gz …
-
Qualys Security Advisory team: "System Down: a systemd-journald exploit". Memory corruptions (CVE-2018-1686{4,5}) and one memory leak (CVE-2018-16866) in systemd. LPE on most Linux distros (except those compiled with -fstack-clash-protection). Details at https://www.openwall.com/lists/oss-security/2019/01/09/3 …
-
Qualys Security Advisory Team - Mutagen Astronomy: Integer overflow in Linux's create_elf_tables(), CVE-2018-14634. LPE (full root) from a suid-root binary. RHEL, CentOS and Debian 8 are vulnerable. Advisory, PoC and exploit at: https://www.openwall.com/lists/oss-security/2018/09/25/4 …
-
Qualys Security Advisory Team: another OpenSSH "user enumeration". From OpenSSH 5.9 to 7.8 (August 24th, 2018). "PoC" (well, a 2-liner) provided. More details on http://www.openwall.com/lists/oss-security/2018/08/27/2 …
-
Qualys Security Advisory Team: OpenSSH Username Enumeration, in all versions (Linux, *BSD, ...) since November 2000. Fixed in 7.8p1 but not tagged as a security issue. More details in http://www.openwall.com/lists/oss-security/2018/08/15/5 …
-
Qualys Security Advisory team: Procps-ng audit; 127 proposed patches, from minor bugs to security ones; 7 CVEs; 2 Denials of service; One process-hiding method; 2 LPEs; Userland vulnerability leading to escape from a container. http://www.openwall.com/lists/oss-security/2018/05/17/1 …
-
Qualys Security Advisory Team: various bugs in iscsiuio, http://www.openwall.com/lists/oss-security/2017/12/13/2 …
-
QSA Team: memory leak (CVE-2017-1000408 appeared in 1999) and buffer overflow in ld.so (CVE-2017-1000409, 2006) to gain full root if protected_hardlinks is disabled and not patched against CVE-2017-1000366: http://www.openwall.com/lists/oss-security/2017/12/11/4 …
-
Qualys Security Advisory Team: CVE-2017-1000253 (PIE/stack corruption) exploit for CentOS 7 http://www.openwall.com/lists/oss-security/2017/10/03/10 …
-
QSA Team: Linux PIE/stack Corruption (CVE-2017-1000253), LPE for CentOS 7 (< 1708), CentOS 6, RHEL 7 (< 7.4): http://www.openwall.com/lists/oss-security/2017/09/26/16 …
-
Qualys Security Advisory Team: Stack Clash exploits and PoCs released: http://www.openwall.com/lists/oss-security/2017/06/28/14 …