In our last episode of 2024, we delve into some operating system bugs in both Windows and Linux, as well as some bugs that are not bugs but rather AI slop.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/267.html

[00:00:00] Introduction

[00:06:48] Buffer Overflow Risk in Curl_inet_ntop and inet_ntop4

[00:19:20] Bypassing WAFs with the phantom $Version cookie

[00:27:51] Windows Sockets: From Registered I/O to SYSTEM Privileges

[00:34:02] ksthunk.sys Integer Overflow (PE)

[00:38:20] Linux Kernel: TOCTOU in Exec System

Podcast episodes are available on the usual podcast platforms:

-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063

-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt

-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz

-- Other audio platforms can be found at https://anchor.fm/dayzerosec

You can also join our discord: https://discord.gg/daTxTK9