每日安全动态推送(3-2)

Tencent Security Xuanwu Lab Daily News

• Decoding BlazorPack:
https://sensepost.com/blog/2023/decoding-blazorpack/

   ・ 记录一次分析并解包BlazorPack协议的过程 – WireFish

• 区块链常见漏洞列表:
https://github.com/slowmist/Cryptocurrency-Security-Audit-Guide/blob/main/Blockchain-Common-Vulnerability-List_CN.md

   ・ 区块链常见漏洞列表 – WireFish

• sudo: double free with per-command chroot sudoers rules:
https://seclists.org/oss-sec/2023/q1/119

   ・ sudo 的 per-command chroot 特性实现代码中存在 double free 漏洞 – WireFish

• [PDF] https://arxiv.org/pdf/2302.14045.pdf:
https://arxiv.org/pdf/2302.14045.pdf

   ・ 微软发布多模态大语言模型 KOSMOS-1 – keenan

• C101010: PHP SplDoublyLinkedList::pop() Use After Free:
https://therealcoiffeur.com/c101010

   ・ PHP SplDoublyLinkedList::pop函数中的UAF漏洞及利用 – xmzyshypnc

• A New Vector For “Dirty” Arbitrary File Write to RCE:
https://blog.doyensec.com/2023/02/28/new-vector-for-dirty-arbitrary-file-write-2-rce.html

   ・ 一种将uWSGI服务器所部署服务的受限文件写入漏洞转换成RCE的攻击方式 – xmzyshypnc

• CVE-2022-38108: RCE in SolarWinds Network Performance Monitor:
https://www.zerodayinitiative.com/blog/2023/2/27/cve-2022-38108-rce-in-solarwinds-network-performance-monitor

   ・ SolarWinds NPM对Json数据反序列化时缺乏校验，导致远程命令执行，攻击需认证。 – keenan

• [Tools] The Uniswap Standard, From Zero To Mastery:
https://mirror.xyz/haruxe.eth/q-2jXIvcXI4cPDgmQLac1L_iQ6zXgbmCtIhgCHnabc8

   ・ 介绍去中心化交易所 Uniswap（从v1到v3）所使用的协议 – WireFish

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(3-2)