Security Analysis Toolkit for Proprietary Car Protocols: CANalyzat0r

While car manufacturers steadily refine and advance vehicle systems, requirements of the underlying networks increase even further. Striving for smart cars, a fast-growing amount of components are interconnected within a single car. This results in specialized and often proprietary car protocols...

ntp: Attack on interface selection

A flaw was found in the way ntpd running on a host with multiple network interfaces handled certain server responses. A remote attacker could use this flaw which would cause ntpd to not synchronize with the source...

curl: multiple issues

CVE-2016-5419 authentication bypass libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established...

CURL-CVE-2016-5421 use of connection struct after free

libcurl is vulnerable to a use after free flaw. libcurl works with easy handles using the type 'CURL ' that are objects the application creates using curleasyinit. They are the handles that are all each associated with a single transfer at a time. libcurl also has an internal struct that represen...