サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
災害への備え
blog.zecops.com
An observation The bug happens in the same function as with SMBGhost, the Srv2DecompressData function in the srv2.sys SMB server driver. Below is a simplified version of the function, with the irrelevant details omitted: typedef struct _COMPRESSION_TRANSFORM_HEADER { ULONG ProtocolId; ULONG OriginalCompressedSegmentSize; USHORT CompressionAlgorithm; USHORT Flags; ULONG Offset; } COMPRESSION_TRANS
Updates We published another writeup: https://blog.zecops.com/vulnerabilities/seeing-maildemons-technique-triggers-and-a-bounty/The vulnerability affected even the first iPhone (aka iPhone 1 / iPhone 2G) on iOS 3.1.3. First in-the-wild trigger to this vulnerability happened on October 2010.As you can see in the new writeup, this vulnerability is exploitable and we encourage to release a patch as s
CVE-2020-0796 Introduction Microsoft recently announced a bug in the compression mechanism of SMBv3.1.1. The bug is also known as “SMBGhost”. This bug has serious implications in managed networks. Windows 10 versions 1903 and 1909 are affected. Lucas Georges shared an excellent write-up. Even though the full code wasn’t shared, the details were sufficient for a quick implementation. In Lucas’ proo
このページを最初にブックマークしてみませんか?
『blog.zecops.com』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く