3dbrew

Changes

3DS Userland Flaws (edit)

Revision as of 05:55, 12 August 2018

620 bytes added ,  05:55, 12 August 2018
→‎System applets: smea's defcon presentation: mhax
Line 334: Line 334:  
| May 20, 2018
 
| May 20, 2018
 
| [[User:Nba_Yoh|MrNbaYoh]]
 
| [[User:Nba_Yoh|MrNbaYoh]]
 +
|-
 +
| MicroSD Management - malformed security blob causes stack buffer overflow (mhax)
 +
| The MicroSD Management application's parsing of Windows NTLM security blobs in the SMB/CIFS protocol doesn't verify that the client's specified NT domain name is less than 32 UTF-16 characters.  When it's longer, a stack buffer overrun occurs, leading to a ROP chain and complete control of the mcopy application.
 +
 +
The malformed security blob can be sent by an attacker within the SMB_COM_SESSION_SETUP_ANDX (0x73) packet.
 +
| [[11.8.0-41|11.8.0-41]]
 +
| [[11.8.0-41|11.8.0-41]]
 +
| [[9.0.0-20|9.0.0-20]]
 +
| August 12, 2018
 +
| 2018
 +
| smea
 
|}
 
|}
  
Myria
119

edits

Retrieved from "https://www.3dbrew.org/wiki/Special:MobileDiff/20808"