RCE in OpenBSD

https://www.cve.org/CVERecord?id=CVE-2024-29937
> RCE in OpenBSD NFS server
Imagine the damage it would do if anyone actually used the meme OS in production.


  1. 3 weeks ago
    Anonymous

    What is RCE?

    • 3 weeks ago
      Anonymous

      Remote
      Comething
      Exploit

    • 3 weeks ago
      Anonymous

      Remote code execution.

      • 3 weeks ago
        Anonymous

        Thanks, FBI.

    • 3 weeks ago
      Anonymous

      Rectal Cavern Enjoyer

  2. 3 weeks ago
    Anonymous

    Did they publish anything other than an easily faked youtube video?

    • 3 weeks ago
      Anonymous

      That is a teaser trailer, and I also thought it was hilariously bad.

      • 3 weeks ago
        Anonymous

        I wouldn't be surprised if they're for real, but I also wouldn't be surprised if they are full of shit. People claim to do stuff all the time, and OpenBSD is pretty battle tested. Time will tell what the real story is.

      • 3 weeks ago
        Anonymous

        >teaser trailer for a rce
        Heartbleed was a massive fricking mistake.

    • 3 weeks ago
      Anonymous

      That is a teaser trailer, and I also thought it was hilariously bad.

      I wouldn't be surprised if they're for real, but I also wouldn't be surprised if they are full of shit. People claim to do stuff all the time, and OpenBSD is pretty battle tested. Time will tell what the real story is.

      >https://t2.fi/schedule/2024/#speech5

      • 3 weeks ago
        Anonymous

        >https://www.signedness.org/misc/

      • 3 weeks ago
        Anonymous

        I'm assuming this only works over a local network if it does work. NFS is weird in general lol, prolly they are on to something. Doesn't make sense to me it would affect OpenBSD and not most Linux distros though.

        • 3 weeks ago
          Anonymous

          >Doesn't make sense to me it would affect OpenBSD and not most linux distros though.
          Aren't they completely separate implementations?

        • 3 weeks ago
          Anonymous

          Linux has a more battle tested and audited implementation of NFS, considering how much more people use it.

  3. 3 weeks ago
    Anonymous

    Only two remote holes in the default install, in a heck of a long time!

    • 3 weeks ago
      Anonymous

      >heartbleed
      >holey for over a decade.
      It isn't by chance.

  4. 3 weeks ago
    Anonymous

    Umm sweaty NFS is not enabled by default in the default install so it doesn't count :^)

  5. 3 weeks ago
    Anonymous

    Daily reminder that OpenBSD's approach to security is just to implement a bunch of esoteric meme mitigations without any kind of threat model behind them.
    Any shit Linux box with MAC like AppArmor, SELinux or TOMOYO is way more secure.

  6. 3 weeks ago
    Anonymous

    NFS is brain damage. It's never used in production apart from some neckbeard's "homelab". This is a nothingburger.

  7. 3 weeks ago
    Anonymous

    What's this terminal? Looks cool

    • 3 weeks ago
      Anonymous

      Cool-retro-term

    • 3 weeks ago
      Anonymous

      Why is the security scene so clownish that it looks like they are characters in a show about hackers written by people that don't understand computers?

      • 3 weeks ago
        Anonymous

        If you could rock that look at your day job wouldn't you jump at the chance?

  8. 3 weeks ago
    Anonymous

    RED ALERT
    DEPLOY THE jerking off MONKEYS
    THIS IS NOT A DRILL

  9. 3 weeks ago
    Anonymous

    Fake and gay.

  10. 3 weeks ago
    Anonymous

    freebsd won
