Adventures in Video Conferencing Part 3: The Even Wilder World of WhatsApp

Posted by Natalie Silvanovich, Project Zero WhatsApp is another application that supports video conferencing that does not use WebRTC as its core implementation. Instead, it uses PJSIP, which contains some WebRTC code, but also contains a substantial amount of other code, and predates the WebRTC...

MikroTik RouterOS < 6.38.4 (x86) - Chimay Red Stack Clash Remote Code Execution Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/env python2 Mikrotik Chimay Red Stack Clash Exploit by wsxarcher based on BigNerd95 POC tested on RouterOS 6.38.4 x86 ASLR enabled on libs only DEP enabled import socket, time, sys, struct from pwn import import ropgadget...

HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution

HPE Intelligent Management Center iMC 7.2 E0403P10 - Code Execution Vulnerability Summary The following advisory describes a Stack Buffer Overflow vulnerability found in HPE Intelligent Management Center version v7.2 E0403P10 Enterprise, this vulnerability leads to an exploitable remote code...

SUSE SLED10 / SLES10 Security Update : glibc (SUSE-SU-2012:1488-1)

This collective update to the GNU Lib C library glibc provides the following fixes : - Make addmntent return errors also for cached streams bnc676178, CVE-2011-1089 - Fix overflows in vfprintf bnc770891, CVE-2012-3406 - Fix incomplete results from nscd bnc753756 - Fix a deadlock in dlsym in case...

QNX 6.5.0 x86 io-graphics - Local root Exploit

Exploit for QNX platform in category local exploits / QNX 6.5.0 x86 io-graphics local root exploit by cenobyte 2013 - vulnerability description: Setuid root /usr/photon/bin/io-graphics on QNX is prone to a buffer overflow. The vulnerability is due to insufficent bounds checking of the PHOTON2HOME...

QNX 6.5.0 x86 phfont - Local Privilege Escalation

/ QNX 6.5.0 x86 phfont local root exploit by cenobyte 2013 - vulnerability description: Setuid root /usr/photon/bin/phfont on QNX is prone to a buffer overflow. The vulnerability is due to insufficent bounds checking of the PHOTONHOME environment variable. - vulnerable platforms: QNX 6.5.0SP1 QNX...

SuSE 10 Security Update : glibc (ZYPP Patch Number 8351)

This collective update to the GNU Lib C library glibc provides the following fixes : - Make addmntent return errors also for cached streams. bnc676178, CVE-2011-1089 - Fix overflows in vfprintf. bnc770891, CVE-2012-3406 - Fix incomplete results from nscd. bnc753756 - Fix a deadlock in dlsym in ca...