Nothing new under the Sun - Discovering and exploiting a CDE bug chain

This page summarizes the projects mentioned and recommended in the original post on /r/netsec
Exploits buffer-overflow Solaris Linux aix

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • exploits

    A handy collection of my public exploits, all in one place. (by 0xdea)

    • I have identified multiple security vulnerabilities that are exploitable via the the setuid-root dtprintinfo binary from the Common Desktop Environment (CDE) distributed with Oracle Solaris 10. I demonstrated the possibility to chain together a printer name injection bug in dtprintinfo and a stack-based buffer overflow in libXm to achieve local privilege escalation to root on a fully-patched Solaris 10 system. The exploit is available at https://github.com/0xdea/exploits/blob/master/solaris/raptor_dtprintlibXmas.c.

  • vulns

    HN Security's advisories. (by hnsecurity)

    • Oracle won't be releasing patches. See https://github.com/hnsecurity/vulns/blob/main/HNS-2022-01-dtprintinfo.txt for additional details.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • [ITA] - Marco Ivaldi aka raptor

    1 project | /r/SecurityIT | 13 Jul 2022

  • MARCO IVALDI: The INFILTRATE Effect: 6 Bugs in 6 Months

    1 project | /r/netsec | 2 Feb 2021

  • Best way to benchmark PCs under Linux, with CPU/GPU/disk/RAM testing?

    2 projects | /r/linuxquestions | 11 Dec 2023

  • Looking for some comparison on build times on recent GCC versions.

    2 projects | /r/cpp | 18 Jun 2023

  • LTO and CFLAGS benchmarking ideas

    1 project | /r/Gentoo | 31 May 2023