Exploiting Solaris 10 -11.0 SunSSH via libpam on x86 - a blog post from Hacker House


@hackerfantastic how the fuck did such a kindergarten variety of buffer overflow stay there for so long?

@wolf480pl very good question, there are investigations going on that have indicated that the NSA may have collaborated (or exploited) Sun Microsystems along with Microsoft to ensure they had exploit material available for their operations. This vulnerability is not one of those and apparently just slipped the net and went unnoticed except by attackers who kept it a private exploit for well over 6 years.
