167 - Bypassing Pixel Lock Screens and Checkmk RCE
A Pixel Lockscreen bypass and some discussion about dupes in bug bounty, then a long RCE chain, and a look at client-side path traversals.
Podcast Episodes (Page 11)
166 - OpenSSL Off-by-One, Java XML Bugs, and an In-the-Wild Samsung Chain
A lot of discussion about the OpenSSL vulnerability, fuzzing and exploitation. Then into a RCE in XML Signature verification, and a Samsung exploit chain.
165 - Apache Batik, Static Site Generators, and an Android App Vuln
Several slightly weird issues this week, a reentrancy attack abusing a read-only function, SSRF and XSS through a statically generated website and others.
164 - XNU's kalloc_type, Stranger Strings, and a NetBSD Bug
Kicking off the week with a look at Apple's new security blog and the kalloc_type introduced into XNU, then a mix of issues including an overflow in SQLite.
163 - A Galaxy Store Bug, Facebook CSRF, and Google IDOR
Several simple bugs with significant impacts, XSS to being able to install apps, CSRFing via a Captcha, and a Google IDOR.
162 - Edge Vulns, a SHA-3 Overflow, and an io_uring Exploit
A few issues this week, including an overflow in SHA-3, yet another io_uring bug, and multiple (questionably exploitable) corruptions in Edge.
161 - XMPP Stanza Smuggling in Jabber and a Cobalt Strike RCE
Several fun issues this week, from a Cobalt Strike RCE, a couple auth bypasses, and stanza smuggling in Jabber.
160 - Some Browser Exploitation and a Format String Bug?
We've got a few interesting vulns, a blind format string attack, Windows kernel int overflow, and a browser exploit (unchecked bounds after lowering).
159 - GitHub to GitLab RCE and a new PHP Supply Chain Attack
This week we look at a insecure deserialization (GitLab), argument injection (Packagist), and insecure string interpolation (Apache Commons Text)
158 - i.MX Secure Boot Bypass and a Hancom Office Underflow
Just a couple issues this week and a discussion about why you should look at old vulnerabilities and the pace exploit development advanced at.