[Owasp-leaders] Use-after-free vulnerability information on the wiki
Tom Brennan - OWASP
tomb at owasp.org
Mon Jul 25 20:37:00 UTC 2016
Ahh the power of the wiki - restored
GPG ID: DC6AA149
On Mon, Jul 25, 2016 at 2:59 PM, Antonio Fontes
<antonio.fontes at owasp.org> wrote:
> There is some traction by several security news sources 
> reporting a major vulnerability found in Pornhub/PHP (RCE and full
> access to members database).
> The technical analysis written by the authors includes several
> references to OWASP material/wiki for details. One relates to the
> "use-after-free" vulnerability. Unfortunately, the page was deleted
> just a few days before the analysis went online.
> I am guessing there might be some list members who probably wrote a
> description about this vulnerability, which could be rapidly
> contributed/donated into the wiki? That would be great.
> 1: https://www.grahamcluley.com/2016/07/happy-ending-pornhub-vulnerability-researchers-gain-access-entire-user-database/
> 2: http://www.theinquirer.net/inquirer/news/2465902/pornhub-has-been-hacked-but-the-hackers-arent-spilling-anything
> 4: https://www.owasp.org/index.php/Using_freed_memory
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
The information contained in this message and any attachments may be
privileged, confidential, proprietary or otherwise protected from
disclosure. If you, the reader of this message, are not the intended
recipient, you are hereby notified that any dissemination, distribution,
copying or use of this message and any attachment is strictly prohibited.
If you have received this message in error, please notify the sender
immediately by replying to the message, permanently delete it from your
computer and destroy any printout.
More information about the OWASP-Leaders