Tag: ilja van sprundel

ADVISORIES | March 6, 2020

pppd Vulnerable to Buffer Overflow Due to a Flaw in EAP Packet Processing (CVE-2020-8597)

By Ilja van Sprundel

Due to a flaw in the Extensible Authentication Protocol (EAP) packet processing in the Point-to-Point Protocol Daemon (pppd), an unauthenticated remote attacker may be able to cause a stack buffer overflow, which may allow arbitrary code execution on the target system.

This vulnerability is due to an error in validating the size of the input before copying the supplied data into memory. As the validation of the data size is incorrect, arbitrary data can be copied into memory and cause memory corruption possibly leading to the execution of unwanted code.

INSIGHTS | February 24, 2012

IOActive’s IOAsis at RSA 2012

By IOActive

 

This is not a technical post as usual. This is an invitation for an important event if you are going to RSA 2012 and want to escape the chaos and experience the luxury at IOAsis while enjoying great technical talks and meeting with industry experts. If you want to feel like a VIP and have great time then don’t miss this opportunity!

 

We have scheduled some really interesting talks such as:
  • Firmware analysis of Industrial Devices with IOActive researcher Ruben Santamarta
  • Mobile Security in the Enterprise with IOActive VP, David Baker and IOActive Principal Consultant, Ilja van Sprundel
  • The Social Aspect of Pen Testing with IOActive Managing Consultant, Ryan O’Horo
  • Battling Compliance in the Cloud with IOActive Principal Compliance Consultant, Robert Zigweid
We hope to see you there!