@taviso does this require local execution? Or (shudder) is this remotely exploitable?
-
-
apologies for no context. I'm asking about the SymCrypt modular inverse algorithm bug you reported earlier. I'm concerned that (for example) one could push an offending cert to a Windows SSH service remotely as part of authentication.
-
Ah, yes, it's remote - but only for denial of service. You could prevent a legitimate admin logging in, but that's about it.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.