[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
我們在 Canon 和 HP 的印表機中發現了 Pre-auth RCE 的漏洞(CVE-2022-24673 及 CVE-2022-3942) 及 Lexmark 發現漏洞(CVE-2021-44734),並在 Pwn2Own Austin 2021 中取得所有印表機的控制權,成功獲得 Pwn2Own 中駭客大師(Master of Pwn) 的點數,這篇研究將講述 Canon 及 HP 漏洞的細節及我們的利用方式。| DEVCORE 戴夫寇爾
In 2021, we found Pre-auth RCE vulnerabilities(CVE-2022-24673 and CVE-2022-3942) in Canon and HP printers, and vulnerability(CVE-2021-44734) in Lexmark. We used these vulnerabilities to exploit Canon ImageCLASS MF644Cdw, HP Color LaserJet Pro MFP M283fdw and Lexmark MC3224i in Pwn2Own Austin 2021. Following we will describe the details of the Canon and HP vulnerabilities and exploitation.| DEVCORE 戴夫寇爾
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
In a previous entry, I wrote about making DNS name decompression| dotat.at
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
Earlier this year, I rewrote BIND’s DNS name compression algorithm.| dotat.at
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
