all InfoSec news
CVE-2022-37706
Dec. 4, 2022, 9:58 p.m. | /u/oubaydos
cybersecurity www.reddit.com
>Now eina\_strbuf\_new() will just initialize the command that will be passed to
system, the problem here is that we entered it as:
>
>/bin/mount -o noexec,nosuid,utf8,nodev,iocharset=utf8,utf8=0,utf8=1,uid=$(id -u), "/dev/../tmp/;/tmp/exploit" /tmp///net
>
>But the binary calls eina\_strbuf\_append\_printf() for several times and …
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Systems Security Officer (ISSO) (Remote within HR Virginia area)
@ OneZero Solutions | Portsmouth, VA, USA
Security Analyst
@ UNDP | Tripoli (LBY), Libya
Senior Incident Response Consultant
@ Google | United Kingdom
Product Manager II, Threat Intelligence, Google Cloud
@ Google | Austin, TX, USA; Reston, VA, USA
Cloud Security Analyst
@ Cloud Peritus | Bengaluru, India