
athrowaway3z, yesterday at 7:58 PM

A glance at the nmap one seems potentially high severity. It might be a nothing in practice, but it being around parser code means the chances of preparing something to jump around are pretty high.

There'd be a certain irony being able to reverse shell anyone doing an nmap scan. If I had infinite tokens I'd throw Claude on writing an exploit and dig through the history of who made it possible because, if we take a moment to wildly speculate and assume it can ACE, this is the kind of bug an intelligence agency would love to have: add a few IPv6 packets that then edit the trace being observed if the observer uses nmap / get access to any researcher PC who uses nmap.


Replies

trollbridge, yesterday at 10:02 PM

These kinds of tools have always had a broad attack surface. I've assumed state level actors already have exploits for them, mostly based on when I've used such tools for mundane network maintenance tasks and somehow did something that triggered an old-fashioned segfault.

formerly_proven, yesterday at 9:46 PM

Wireshark dissectors (protocol decoders) are basically all written in C, and anyone sending packets can pick a dissector.

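The point in the comment above is that a dissector or scanner parses bytes chosen by whoever sent the packet, so every length field it reads is untrusted. As an added example (not code from the thread, from Wireshark, or from nmap), here is a small C parser for a constructed type-length-value option format, written the way a dissector should be: each length is checked against the bytes actually remaining before it is used, and a malformed packet is rejected instead of read past the buffer. The option layout, the sample packets and the function names are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed TLV option format (assumption for this example):
 *   [type:1 byte][len:1 byte][value:len bytes] repeated until the buffer ends.
 * Nothing in the header is trusted; len comes straight off the wire. */

#define MAX_OPTS 8

typedef struct {
    uint8_t type;
    uint8_t len;
    const uint8_t *value; /* points into the caller's packet buffer, not copied */
} tlv_opt_t;

/* Parse options from buf[0 .. buf_len). Returns the number of options found,
 * or -1 if the encoding is malformed (truncated header, a len that claims more
 * bytes than remain, or more options than the caller's array can hold).
 * All arithmetic is done on "bytes remaining", so it cannot wrap or overshoot. */
int parse_tlv_options(const uint8_t *buf, size_t buf_len,
                      tlv_opt_t *out, size_t max_out)
{
    size_t off = 0;
    int count = 0;

    while (off < buf_len) {
        size_t remaining = buf_len - off;
        if (remaining < 2)                 /* not enough bytes for type + len */
            return -1;

        uint8_t type = buf[off];
        uint8_t len  = buf[off + 1];

        if ((size_t)len > remaining - 2)   /* value would run past the buffer */
            return -1;
        if ((size_t)count >= max_out)      /* caller's array is full */
            return -1;

        out[count].type  = type;
        out[count].len   = len;
        out[count].value = buf + off + 2;
        count++;
        off += 2 + (size_t)len;
    }
    return count;
}

/* Constructed sample: two well-formed options. Expected result: 2. */
int demo_wellformed_count(void)
{
    static const uint8_t pkt[] = { 0x01, 0x02, 0xAA, 0xBB,   /* type 1, 2-byte value */
                                   0x02, 0x01, 0xCC };       /* type 2, 1-byte value */
    tlv_opt_t opts[MAX_OPTS];
    return parse_tlv_options(pkt, sizeof pkt, opts, MAX_OPTS);
}

/* Constructed sample: the second option claims 0x40 value bytes but only one
 * byte follows its header. A parser without the check would read 63 bytes past
 * the end of pkt; this one returns -1. */
int demo_malformed_count(void)
{
    static const uint8_t pkt[] = { 0x01, 0x02, 0xAA, 0xBB,
                                   0x02, 0x40, 0xCC };
    tlv_opt_t opts[MAX_OPTS];
    return parse_tlv_options(pkt, sizeof pkt, opts, MAX_OPTS);
}

int main(void)
{
    printf("well-formed packet: %d options\n", demo_wellformed_count());
    printf("malformed packet:   %d (rejected)\n", demo_malformed_count());
    return 0;
}
```

The habit that matters is computing `remaining` once per iteration and comparing the wire-supplied `len` against it before touching `buf`; comparing `off + 2 + len` against `buf_len` instead invites an overflow of the sum on wider length fields. Fuzzing a parser like this with truncated and oversized length fields is the cheapest way to find the class of crash the thread is talking about before someone else does.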
theginger, today at 7:51 AM

>There'd be a certain irony being able to reverse shell anyone doing an nmap scan.

Every TV / movie hacker has known about this.