Sveriges mest populära poddar
Start / Day[0] / Speculation in predictive store forwarding broken fixes and owning rocket chat

Day[0]

Speculation in Predictive Store Forwarding, Broken Fixes, and Owning Rocket.Chat

85 min • 6 april 2021

One episode and several failed attempts to fix vulnerabilities, an interesting Rocket.Chat XSS and an exploitable TXT file abusing some weird features.

[00:00:46] nOtWASP bottom 10: vulnerabilities that make you cry

  • https://portswigger.net/research/notwasp-bottom-10-vulnerabilities-that-make-you-cry

[00:07:28] Click here for free TV! - Chaining bugs to takeover Wind Vision accounts

  • https://labs.f-secure.com/blog/wind-vision-writeup/

[00:15:28] Elevate Yourself to Admin in Umbraco CMS 8.9.0 (CVE-2020-29454)

  • https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/elevate-yourself-to-admin-in-umb-cms-890-cve-2020-29454/

[00:23:19] "netmask" npm package vulnerable to octal input data [CVE-2021-28918]

  • https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918/

[00:28:38] [HackerOne] Jira integration plugin Leaked JWT

  • https://hackerone.com/reports/1103582

[00:33:20] [Kaspersky] A vulnerability in KAVKIS 2020 products family allows full disabling of protection

  • https://hackerone.com/reports/870615

[00:38:06] [Rocket.Chat] Account takeover via XSS

  • https://hackerone.com/reports/735638

[00:43:18] This man thought opening a TXT file is fine, he thought wrong. macOS [CVE-2019-8761]

  • https://www.paulosyibelo.com/2021/04/this-man-thought-opening-txt-file-is.html

[00:52:41] Who Contains the Containers?

  • https://googleprojectzero.blogspot.com/2021/04/who-contains-containers.html

[01:06:11] Getting Code Execution on Apache Druid [CVE-2021-25646]

  • https://www.thezdi.com/blog/2021/3/25/cve-2021-25646-getting-code-execution-on-apache-druid

[01:12:59] Security Analysis of AMD Predictive Store Forwarding

  • https://www.amd.com/system/files/documents/security-analysis-predictive-store-forwarding.pdf

[01:19:58] Pluralsight free for April

  • https://www.pluralsight.com/

[01:21:54] Pwn2Own 2021

  • https://www.zerodayinitiative.com/blog/2021/4/2/pwn2own-2021-schedule-and-live-results

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@dayzerosec)

Kategorier
PoddarTeknologi
Förekommer på
Teknik
00:00 -00:00
Hur lyssnar jag på podcast?

En liten tjänst av I'm With Friends. Finns även på engelska.