Thank you @_larry0! Anyone else have their #myfavoritevuln?
#VulnLife #StickerLife #InfoSec https://twitter.com/_larry0/status/1189707301923504128 …
-
Replying to @RiskBased
I’d like to hear from @attritionorg @SushiDude and @jkouns
-
Replying to @_larry0 @RiskBased and
thinking on it! And planning on a few answers, since we can submit several! also curious what @wdormann @grsecurity @4dgifts @dotmudge @scooterthetroll @lcamtuf @mauvehed @i0n1c @hdmoore @mdowd @xssniper @taviso @weldpond @daveaitel would say =) all have great history w/ vulns.
-
Replying to @attritionorg @_larry0 and
A few of my favorites:
HijackClick by Liu Die Yu https://www.kb.cert.org/vuls/id/413886/ Clicking in a page in IE triggers a drag-and-drop event to place malware on a Windows system.
Windows ANI buffer overflow https://www.kb.cert.org/vuls/id/191609/ Viewing a web page or receiving an email -> kernel code exec
-
Replying to @wdormann @attritionorg and
Windows WMF SetAbortProc bug https://www.kb.cert.org/vuls/id/181038/ Steve Gibson asserted that this was an intentional backdoor. https://www.grc.com/sn/SN-022.htm
Windows automatically executes code pointed to by LNK file https://www.kb.cert.org/vuls/id/940193/ This allowed for Stuxnet to exist.
-
Replying to @wdormann @attritionorg and
SetAbortProc was a good one. The root shell on the G1 launch was a particularly memorable blunder
Reading Derek Soeder's eEye advisories got me interested in NT internals, e.g. https://seclists.org/fulldisclosure/2004/Oct/404 …
-
I was going to suggest your NT one too (cve-2010-0232 is it I think)
-
Thanks, I am proud of that one! It was used by the getsystem command in Metasploit for years, so probably also one of the most widely used Windows privescs!
-
i dig 2010-0232 because a) some guy named Tavis (pre-Google) and b) some local overflow (who cares!), yet was a foundation in many ways. for fun, 2006-03-23 CVE-2006-3459 for LibTIFF is the first I see for you...