[cs615asa] Red Team Week 5
Elliot Wasem
ewasem at stevens.edu
Mon Feb 24 11:52:15 EST 2020
Hey all,
I'd like to present an article which lays out vulnerabilities in the Interpeak IPnet stack as illustrated in CVE-2019-12255, CVE-2019-12262, and CVE-2019-12264. It describes a number of attack vectors (stack-based buffer overflow, heap-based buffer overflow, integer underflow, improper restriction of operations within memory buffer, concurrent shared resources, and a few others) which can be utilized to perform remote code execution.
https://www.us-cert.gov/ics/advisories/icsa-19-274-01
Elliot Wasem
https://elliotwasem.xyz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.stevens.edu/pipermail/cs615asa/attachments/20200224/d8115d6f/attachment.html>
More information about the cs615asa
mailing list