[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)

Update: 2022-05-05

Description

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/nimbuspwn-a-clfs-vulnerability-and-dataflow.html

A few vulnerabilities from a TOCTOU to an arbitrary free, and some research into using data-flow in your fuzzing.

[00:00:18 ] Spot the Vuln - Where's it At?

[00:03:44 ] Nimbuspwn - A Linux Elevation of Privilege

[00:08:38 ] Windows Common Log File System (CLFS) Logical-Error Vulnerability [CVE-2022-24521]

[00:15:32 ] Arbitrary Free in Accusoft ImageGear ioca_mys_rgb_allocate

[00:25:31 ] Commit Level Vulnerability Dataset

[00:28:44 ] DatAFLow - Towards a Data-Flow-Guided Fuzzer

The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week:

Mondays at 3:00 pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities

Tuesdays at 7:00 pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.

The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec

You can also join our discord: https://discord.gg/daTxTK9

Or follow us on Twitter (@dayzerosec) to know when new releases are coming.

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Linux Exploits, Secure Credentials, Side-Channels and Election(SDK) hacking

2019-10-2102:13:43

[binary] Fuchsia OS, Printer Bugs, and Hacking Radare2

2022-06-0254:43

[bounty] A Zoom RCE, VMware Auth Bypass, and GitLab Stored XSS

2022-05-3151:35

[binary] Pwn2Own, Parallels Desktop, and an AppleAVD Bug

2022-05-2634:29

[bounty] Stealing DropBox Google Drive Tokens, a GitLab Bug, and macOS "Powerdir" Vulnerability

2022-05-2432:32

[bounty] Deleting Rubygems, BIG-IP Auth Bypass, and a Priceline Account Takeover

2022-05-1734:23

[binary] Pwn2Owning Routers and Anker Eufy Bugs

2022-05-1230:40

[bounty] Cloudflare Pages, Hacking a Bank, and Attacking Price Oracles

2022-05-1038:36

[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)

2022-05-0541:59

[bounty] XSS for NFTs, a VMWare Workspace ONE UEM SSRF, and GitLab CI Container Escape

2022-05-0337:06

[binary] Getting into Vulnerability Research and a FUSE use-after-free

2022-04-2849:54

[bounty] A Struts RCE, Broken Java ECDSA (Psychic Signatures) and a Bad Log4Shell Fix

2022-04-2632:44

[binary] Another iOS Bug and Edge Chakra Exploitation

2022-04-2155:33

[bounty] Taking Over an Internal AWS Service and an Interesting XSS Vector

2022-04-1922:28

[binary] A subtle iOS parsing bug and a PHP use-after-free

2022-04-1454:55

[bounty] A Double-Edged SSRF, Pritunl VPN LPE, and a NodeBB Vuln

2022-04-1226:11

[binary] FORCEDENTRY Sandbox Escape and NetFilter Bugs

2022-04-0742:33

[bounty] Spring4Shell, PEAR Bugs, and GitLab Hardcoded Passwords

2022-04-0501:02:10

[binary] Pwning WD NAS, NetGear Routers, and Overflowing Kernel Pages

2022-03-3132:23

[bounty] GitLab Arbitrary File Read and Bypassing PHP's filter_var

2022-03-2934:56

00:00

[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)

#box-pro-ellipsis-173651860421540{-webkit-line-clamp:2;}[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)

[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)

dayzerosec

[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)