I know I'm getting older and more responsible when I read exploit-db and go "oh fucknuts more patching ARGH" instead of "omg time to disappear for a week and cause problems online." Middle age I tell ya...
This list is for people who really haven't been keeping up on Infosec news. The following products are having security issues:
- Virtually anything Windows-related
- MS Exchange Server (a 6-month-old exploit) and SharePoint (a year-old exploit). I saw the SharePoint one and went OOO, since SharePoint servers tend to have massive amounts of loot on them.
- The Windows Print Spooler will still install printer drivers fetched from any old machine. There's also an authentication bypass, so between the two it's immediate pwnage of anything that hasn't been patched.
- There's a variant on yet another AD hack that exposes the TGT; the most common form uses the print spooler to coerce an authentication request that is sent back to the requesting attacker and can be subverted. Looks like another ASREP, but I haven't tried it.
- The Linux polkit local privilege escalation wasn't good, but polkit hadn't been included in a lot of stuff.
- There's an exploitable integer overflow in seq_file in the Linux kernel that affects 3.13 through any modern kernel.
- Someone wrote a scanner for HTTP request smuggling stunts. The most common issue is a front end and a back end disagreeing about where a request body ends: one honours Content-Length while the other honours Transfer-Encoding: chunked, and that disagreement demonstrably bypasses a number of WAFs, but there are other tricks (obfuscated Transfer-Encoding headers that only one side recognises, duplicate Content-Length headers). Basically anything in the chain that has to decide where a body ends is a target. The original PortSwigger paper was built on exactly that Content-Length vs. Transfer-Encoding disagreement (the CL.TE and TE.CL cases), and the chunked variants have simply emerged as the most useful of such tricks. Basically it lets you trick load balancers and caching servers into calling the wrong page, except they're inside the network, so it's kind of like an easily controllable SSRF, I think. Definitely something I'm going to put some time into.
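An added example (mine, not from the post or from the scanner it mentions) of the Content-Length vs. Transfer-Encoding disagreement described above: two minimal HTTP/1.1 framers, one that trusts only Content-Length (the weak front end) and one that honours Transfer-Encoding: chunked (the back end), run over the same byte stream, plus the check a hardened front end would apply before forwarding. The host name, paths, request bytes and the "reject anything ambiguous" policy are all constructed for the demo.

```python
"""CL.TE request smuggling demo: the same bytes framed two different ways.

Everything below is constructed for the demo; nothing is captured traffic.
"""


def parse_head(stream: bytes):
    """Split one request head off `stream`; return (request_line, [(name, value)], rest)."""
    idx = stream.find(b"\r\n\r\n")
    if idx < 0:
        raise ValueError("incomplete request head")
    lines = stream[:idx].split(b"\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers.append((name.strip().lower().decode("latin-1"),
                        value.strip().decode("latin-1")))
    return lines[0].decode("latin-1"), headers, stream[idx + 4:]


def body_by_content_length(headers, rest: bytes):
    """Framing used by the weak front end: trust Content-Length, ignore Transfer-Encoding."""
    length = 0
    for name, value in headers:
        if name == "content-length":
            length = int(value)
    return rest[:length], rest[length:]


def body_by_chunked(rest: bytes):
    """Framing used by the back end: decode chunks until the zero-size chunk."""
    body, pos = b"", 0
    while True:
        line_end = rest.find(b"\r\n", pos)
        if line_end < 0:
            raise ValueError("incomplete chunk-size line")
        size = int(rest[pos:line_end].split(b";")[0].strip().decode("latin-1"), 16)
        pos = line_end + 2
        if size == 0:
            # last chunk: consume the (possibly empty) trailer section up to its blank line
            while True:
                line_end = rest.find(b"\r\n", pos)
                if line_end < 0:
                    raise ValueError("incomplete trailer section")
                line, pos = rest[pos:line_end], line_end + 2
                if not line:
                    return body, rest[pos:]
        body += rest[pos:pos + size]
        pos += size + 2  # chunk data plus its trailing CRLF


def split_stream(stream: bytes, framing: str):
    """Parse a whole connection's bytes into requests using 'cl' or 'te' framing."""
    requests = []
    while stream:
        request_line, headers, rest = parse_head(stream)
        te = [v.lower() for n, v in headers if n == "transfer-encoding"]
        if framing == "te" and te and te[-1].split(",")[-1].strip() == "chunked":
            body, stream = body_by_chunked(rest)
        else:
            body, stream = body_by_content_length(headers, rest)
        requests.append((request_line, headers, body))
    return requests


def is_ambiguous(headers) -> bool:
    """Hardened front-end policy (a demo assumption, stricter than RFC 7230 requires):
    refuse anything whose body length could be read two ways."""
    cl = [v for n, v in headers if n == "content-length"]
    te = [v for n, v in headers if n == "transfer-encoding"]
    if cl and te:            # RFC 7230 3.3.3 says TE wins, but also allows outright rejection
        return True
    if len(set(cl)) > 1:     # conflicting duplicate Content-Length headers
        return True
    return any(v.strip().lower() != "chunked" for v in te)  # "xchunked", "chunked\x0b", ...


# Constructed CL.TE probe. Content-Length covers "0\r\n\r\n" plus the smuggled
# prefix, so a CL front end forwards it all; a chunked back end stops after the
# zero chunk and keeps the prefix as the start of the *next* request.
SMUGGLED = b"GET /admin HTTP/1.1\r\nX-Ignore: "
CHUNKED_EMPTY = b"0\r\n\r\n"
PROBE = (
    b"POST / HTTP/1.1\r\n"
    b"Host: shop.example\r\n"
    b"Content-Length: " + str(len(CHUNKED_EMPTY + SMUGGLED)).encode() + b"\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n" + CHUNKED_EMPTY + SMUGGLED
)
# The next user's request on the same front-end/back-end connection (constructed).
VICTIM = b"GET /cart HTTP/1.1\r\nHost: shop.example\r\n\r\n"


def request_lines(framing: str):
    """What each side believes the connection carried."""
    return [r[0] for r in split_stream(PROBE + VICTIM, framing)]


if __name__ == "__main__":
    print("front end (CL):", request_lines("cl"))
    print("back end  (TE):", request_lines("te"))
    print("hardened front end rejects probe:", is_ambiguous(parse_head(PROBE)[1]))
```

The front end sees two harmless requests, POST / and GET /cart, and forwards the bytes unchanged. The back end sees POST / with an empty chunked body and then GET /admin, with the victim's own request line swallowed into the X-Ignore header; whatever /admin returns goes back down the victim's connection. The only clean fix at the proxy is to refuse to forward a request whose framing is ambiguous, which is what `is_ambiguous` does for the probe.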