all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

207 - Git Config Injection and a Sophos Pre-Auth RCE [Bug Bounty Podcast]

Add to bookmarks
May 2, 2023, 8 p.m. | DAY[0]

DAY[0] www.youtube.com

On this weeks bug bounty podcast we take a look at a few interesting issues. While they are all patched, there is reason to believe they'd all creep up in other applications too. First up is an RCE due to nested use of an escaped string. Second a fgets loop that doesn't account for long lines. A XML signature verification tool with a deceptive interface, and last a look at how Bash's privileged mode can backfire.

Links and vulnerability summaries …

applications auth bounty bug bug bounty git injection nested podcast rce sophos

Visit resource

More from www.youtube.com / DAY[0]

253 - A Retrospective and Future Look Into DAY[0] 1 week, 6 days ago | www.youtube.com
air bounty change future +5
252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 1 month, 1 week ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 1 month, 1 week ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 1 month, 2 weeks ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 1 month, 2 weeks ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 1 month, 3 weeks ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 1 month, 3 weeks ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 2 months ago | www.youtube.com
access array binary binary exploitation +21
245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast] 2 months ago | www.youtube.com
api bounty bug bug bounty +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

DevSecOps Engineer

@ LinQuest | Beavercreek, Ohio, United States
View on infosec-jobs.com

Senior Developer, Vulnerability Collections (Contractor)

@ SecurityScorecard | Remote (Turkey or Latin America)
View on infosec-jobs.com

Cyber Security Intern 03416 NWSOL

@ North Wind Group | RICHLAND, WA
View on infosec-jobs.com

Senior Cybersecurity Process Engineer

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Sr. Manager, Cybersecurity and Info Security

@ AESC | Smyrna, TN 37167, Smyrna, TN, US | Santa Clara, CA 95054, Santa Clara, CA, US | Florence, SC 29501, Florence, SC, US | Bowling Green, KY 42101, Bowling Green, KY, US
View on infosec-jobs.com
View more jobs