Zoom E2E, 15 year old bugs, and killing 20 year old attacks

The DAY[0] podcast will be on break until September 14, 2020

A quick chat about E2E Crypto and Zoom, followed by a few noteworth exploits including Bluetooth impersonation, a 15-year old qmail CVE, NordVPN, and an RCE in Google

[00:00:50] Adventures of porting MUSL to PS4

[00:01:55] End-to-End Encryption for Zoom Meetings

[00:13:16] Memory safety - The Chromium Projects

[00:21:17] First 0d iOS jailbreak in 6 years

[00:24:11] BIAS: Bluetooth Impersonation AttackS

• https://little-canada.org/pdf/web/viewer.html?file=antonioli-20-bias.pdf
• https://francozappa.github.io/about-bias/talk/bias-snp/

[00:33:13] 15 years later: Remote Code Execution in qmail (CVE-2005-1513)

• http://tukan.farm/2016/07/27/munmap-madness/
• https://cr.yp.to/qmail/guarantee.html
• http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html

[00:48:01] Privilege Escalation in Parallels Desktop via VGA Device [CVE-2020-8871]

• https://twitter.com/matalaz/status/580600098092105728

[00:55:50] Multiple vulnerabilities in Dovecot IMAP server

[00:59:05] Yet another arbitrary delete EoP [CVE-2020–1088]

[01:06:29] Vulnerabilities chain leading to privilege escalation [NordVPN]

[01:09:27] Race condition in activating email resulting in infinite amount of diamonds received

[01:12:23] RCE in Google Cloud Deployment Manager

[01:28:17] QNAP Pre-Auth Root RCE

[01:37:07] Safe-Linking - Eliminating a 20 year-old malloc() exploit primitive

[01:47:37] Not So Fast: Understanding and Mitigating Negative Impacts of Compiler Optimizations on Code Reuse Gadget Sets

[02:05:43] Precise XSS detection and mitigation with Client-side Templates

[02:17:53] Documenting the impossible: Unexploitable XSS labs

DAY[0] will be on break until September but you can find the video archive on on Youtube (@DAY[0])