Root Cause Analysis of a Printer’s Drivers Vulnerability CVE-2021-3438
voidsec2022-01-14T08:58:25+01:00Last week SentinelOne disclosed a "high severity" flaw in HP, Samsung, and Xerox printer's drivers (CVE-2021-3438); the blog post highlighted a vulnerable strncpy operation with a user-controllable size parameter but it did not explain the reverse engineering nor the exploitation phase of the issue. With this blog post, I would like to analyse the vulnerability and its exploitability.
This blog post is a re-post of the original article “Root Cause Analysis of a Printer's Driver Vulnerability” that I have written for...
voidsec2022-01-14T09:04:08+01:00TL; DR: this blog post serves as an advisory for both:
CVE-2020-28054: An Authorization Bypass vulnerability affecting JamoDat – TSMManager Collector v. <= 126.96.36.199
A Stack Based Buffer Overflow affecting IBM Tivoli Storage Manager - ITSM Administrator Client Command Line Administrative Interface (dsmadmc.exe) Version 5, Release 2, Level 0.1.
Unfortunately, after I had one of the rudest encounters with an Hackerone’s triager, these are the takeaways:
IBM Tivoli Storage Manager has reached its end of life support and will not be...