Vulnerabilities (Page 6)

HTTP Header Smuggling Attacks Againsts AWS API Gateway

First, what is header smuggling? The idea of header smuggling is to create a request whose headers will be parsed differently by different servers in the potential chain of proxies it passes through.For example, one server might simply scan for the header starting with “Content-Length” to find the content length header, ignoring that it is actually Content-Length abcd: [value]


Add Yourself as a Super Admin to Someone Else's GSuite Organization


Great little bug taking advantage of the ability to manage GSuite users directly from within by trusted the Gsuite organization name and ID from the user request. By changing out the organization’s domain and id (does require knowing the target organization numeric id) in the requests makes when adding a new user, the user will be added to the new domain rather than to the one you actually own.


[Gerbv 2.7.0] Out-Of-Bounds Access due to Unchecked Array Index

Gerbv uses a fixed size array to store gerbv_aperture_t structures but is indexed by an unrestricted integer providing an out-of-bounds read and write. This array is indexed through an attacker controlled value tool_num, while the value is checked against the MIN and MAX values for the array, being out-of-bounds only results in an error message.