atftpd - Multiple Memory Corruption Vulnerabilities
atftpd contained multiple vulnerabilities, including stack buffer overflow, concurrency issues and heap-based read overflow.
read more
Pulse Security is a specialist information security consultancy.
We're here to help your business stay protected from adversaries.
We look at your business like your real adversaries would. They won't go easy and we won't either.
We go beyond just using automated tools, instead using skills and techniques that real adversaries do.
We provide unbiased, independent advice. There is no upsell.
We're focused on offensive security, including dedicated research days to continually develop our skills.
All engagements follow our comprehensive technical methodologies and quality assurance process.
Our specialist offensive testing services include an extensive range of penetration testing capabilities at the application, network, and physical level.
Complementing our Penetration Testing we also perform network architecture and application review services. Helping your business achieve best practice design and secure-by-default approaches to your infrastructure.
For when things go wrong, our experienced and qualified team will help with getting you back on track. The time immediately after a security incident is make or break, and the right choices are critical.
atftpd contained multiple vulnerabilities, including stack buffer overflow, concurrency issues and heap-based read overflow.
read moreBy default, Microsoft BitLocker protected OS drives can be accessed by sniffing the LPC bus, retrieving the volume master key when it’s returned by the TPM, and using the retrieved VMK to decrypt the protected drive. This post will look at extracting the clear-text key from a TPM chip by sniffing the LPC bus, either with a logic analyzer or a cheap FPGA board. This post demonstrates the attack against an HP laptop logic board using a TPM1.2 chip and a Surface Pro 3 using a TPM2.0 chip. From bus wiring through to volume decryption. Source code included.
Kanboard 1.2.7 contains multiple vulnerabilities. The vulnerabilities include CSV account import cross site request forgery which allows an unauthenticated attacker to create a new administrative user. Cross site request forgery 2FA deactivation, allowing an unauthenticated attacker to disable an account’s 2FA configuration. A lack of integrity checking or transport layer encryption enforced on plugins enables remote code execution by a malicious admin. Other vulnerabilities include: session privilege retention, 2FA bypass, database user_id and pre-2FA information disclosure.
Interested in working with us?
+64 4 889 4756
info at pulsesecurity.co.nz