15 matches found
The time of much patching is coming
Welcome to this week's edition of the Threat Source newsletter. Many solutions have been proposed to reduce software bugs: zero-defect mandates, pair programming, formal methods, and mathematical software proofs. The reality is that software engineering is hard. Identifying and fixing bugs before...
LLMs Unlock New Paths to Monetizing Exploits
We argue that Large language models (LLMs) will soon alter the economics of cyberattacks. Instead of attacking the most commonly used software and monetizing exploits by targeting the lowest common denominator among victims, LLMs enable adversaries to launch tailored attacks on a user-by-user basis...
Uncontrolled Recursion in rulex
Impact When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. This is a security concern for you, if - your service...
GHSA-V78M-2Q7V-FJQP Uncontrolled Recursion in rulex
Impact When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. This is a security concern for you, if - your service...
GHSA-8V9W-P43C-R885 Reachable Assertion in rulex
Impact When parsing untrusted rulex expressions, rulex may crash, possibly enabling a Denial of Service attack. This happens when the expression contains a multi-byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result...
LAVA - Large-scale Automated Vulnerability Addition
Evaluating and improving bug-finding tools is currently difficult due to a shortage of ground truth corpora (i.e., software that has known bugs with triggering inputs). LAVA attempts to solve this problem by automatically injecting bugs into software. Every LAVA bug is accompanied by an input that...
‘Chaff Bug’ Defense Rolls Out Shiny Objects for Attackers to Find
Camouflage and distraction have long been hallmarks of warfare, and it’s no different when it comes to the cyber-front. A group of researchers from New York University are taking the idea further than it’s gone before with the idea of introducing decoy bugs into code – ultimately non-exploitable...
R 3.4.4 - Local Buffer Overflow (DEP Bypass)
Exploit Title: R v3.4.4 - Local Buffer Overflow DEP Bypass Exploit Author: Hashim Jawad Exploit Date: 2018-05-21 Vendor Homepage: https://www.r-project.org/ Vulnerable Software: https://www.exploit-db.com/apps/a642a3de7b5c2602180e73f4c04b4fbd-R-3.4.4-win.exe Tested on OS: Microsoft Windows 7...
Lara Overflow 1.0 Cross Site Scripting
Exploit Title: Lara Overflow - Q&A platform using Laravel and Vue.js - Xss Google Dork: N/A Date: 2018/01/01 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://codecanyon.net/user/kungfunguyen Software Buy:...
Mosca - Static Analysis Tool To Find Bugs
Just another simple static analysis tool to find bugs, like the Unix grep command. Mosca has modules called eggs; each egg is a simple config to find bugs in a specific language like PHP, Ruby, ASP, etc. Example egg configs are in the directory "egg". If Mosca reads a line with a vulnerability of eg...
Xitami Web Server 2.5c2 - LRWP Processing Format String PoC
No description provided by source. / PoC exploit for Xitami Web Server v2.5c2 LRWP processing format string bug Advisory is available at: http://www.bratax.be/advisories/b013.html multiple vulnerabilities! check it out! @author: bratax @url: http://www.bratax.be/ @email: [email protected] Thanks t...
How I Got Here: Brad Arkin
Dennis Fisher talks with Brad Arkin, CSO of Adobe, about his start with punch cards, finding bugs in online poker software, working at @stake and his challenges at Adobe. Download: 11arkin.mp3...
Charlie Miller on Pwn2Own
Charlie Miller won his third consecutive Pwn2Own contest at the CanSecWest conference in Vancouver this week. In this video he talks about the contest, the state of Apple security and the bug-finding and reporting process...
JetAudio 7.5.3 Crash Exploit
!/usr/bin/perl -w JetAudio 7.5.3 COWON Media Center.WAV file Memory Comsumption DoS Exploit Founded and exploited by prodigy Vendor: JetAudio Usage to reproduce the bug: you need a file of recorded music in .wav,and then open it with JetAudio and booom! Platform: Windows ==PoC== use strict; use...
Opera 9.2 (torrent File) Remote Denial of Service Exploit
Exploit for multiple platform in category dos / poc ========================================================= Opera 9.2 torrent File Remote Denial of Service Exploit ========================================================= / Created Date :April 23 2007 Credits go to n00b for finding this...