Toot

Written by Will Dormann on 2025-01-11 at 17:48

Using a 1-line change of the BishopFox PoC for CVE-2025-0282, we can easily see the vulnerable Ivanti web server crash.

https://github.com/BishopFox/CVE-2025-0282-check

Given that there's no stack canary, and there's only 9 bits of ASLR entropy, we can probably successfully brute force a successful exploit if we want to.

=> View attached media

=> More informations about this toot | View the thread | More toots from wdormann@infosec.exchange

Mentions

Tags

Proxy Information
Original URL
gemini://mastogem.picasoft.net/toot/113810978667798232
Status Code
Success (20)
Meta
text/gemini
Capsule Response Time
1314.203179 milliseconds
Gemini-to-HTML Time
0.721855 milliseconds

This content has been proxied by September (ba2dc).