all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

205 - SecurePoint UTM, Chfn, and Docker Named Pipe Vulns [Bug Bounty Podcast]

Add to bookmarks
April 25, 2023, 8 p.m. | DAY[0]

DAY[0] www.youtube.com

For this week's bug bounty podcast We start off with a bit of a unique auth bypass in a firewall admin panel. We've also got a couple desktop-based software bugs, with a Docker Desktop privilege escalation on windows, and a chfn bug. We've also got a couple escalation techniques, one for Azure environments, and another trick for exploiting semi-controlled file-writes.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/205.html

[00:00:00] Introduction
[00:00:32] SecurePwn Part 1: Bypassing SecurePoint UTM’s …

abusing auth authentication azure bounty bug bug bounty bugs bypass bypassing cve desktop docker environments escalation etc exploiting firewall introduction linux panel podcast privilege privilege escalation securepoint software start techniques utm vulns windows

Visit resource

More from www.youtube.com / DAY[0]

252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 3 weeks, 5 days ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 4 weeks ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 1 month ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 1 month ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 1 month, 1 week ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 1 month, 1 week ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 1 month, 2 weeks ago | www.youtube.com
access array binary binary exploitation +21
245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast] 1 month, 2 weeks ago | www.youtube.com
api bounty bug bug bounty +20
244 - Linux Burns Down CVEs [Binary Exploitation Podcast] 1 month, 3 weeks ago | www.youtube.com
binary binary exploitation buffer buffer overflow +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Architect III

@ JPMorgan Chase & Co. | Columbus, OH, United States
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Marlabs | Chennai, IN
View on infosec-jobs.com

Consultant Cyber Sécurité H/F

@ Hifield | Lyon, France
View on infosec-jobs.com

Cyber Security Consultant (Remote, US)

@ Crosslake Technologies | Remote (US)
View on infosec-jobs.com

PE Hub- SAP GRC/ IAG Consultant

@ SAP | Bengaluru, IN, 560066
View on infosec-jobs.com
View more jobs