CVE-2023-4091 - How Samba’s VFS “acl_xattr” Module Let SMB Clients Wipe Read-Only Files
A serious bug was found in Samba that lets SMB clients delete (truncate) the contents of files—even if they only have read-only access! This
CVE-2023-46847 - Exploiting a Critical Buffer Overflow in Squid’s HTTP Digest Authentication
---
Introduction
In October 2023, a critical vulnerability was discovered in Squid, the popular open-source proxy server and web cache. This vulnerability—CVE-2023-46847—opens the
CVE-2023-46848 - Deep Dive Into the Squid DoS Vulnerability With Code, Exploit Details, and Mitigation
*Published: June 2024*
Summary:
CVE-2023-46848 is a Denial of Service (DoS) vulnerability in Squid, the popular open-source proxy and cache server. This vulnerability allows attackers
CVE-2023-38470 - Reaching the Heart of Avahi - How a Simple Label Escape Weakness Exposes Your Linux Device
The CVE-2023-38470 vulnerability is a serious issue discovered in Avahi, a widely used open-source mDNS/DNS-SD (Bonjour/Zeroconf/Apple-style device discovery) implementation. It exposes millions of
CVE-2023-38472 - Exploiting the Avahi avahi_rdata_parse() Reachable Assertion Vulnerability
If you’re managing Linux systems or networked devices, you’ve probably come across Avahi. Avahi is the go-to open source implementation for Zeroconf and