@Emerald to linuxmemes • 3 months agoDebian security amirite?imagemessage-square75arrow-up1997arrow-down114
arrow-up1983arrow-down1imageDebian security amirite?@Emerald to linuxmemes • 3 months agomessage-square75
minus-square@TangledHyphaelink1•3 months agoI doubt that was intentional, they would likely want to hide that latency but the CPU time required to scan everything just is what it is. https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b The hooked RSA_public_decrypt verifies a signature on the server’s host key by a fixed Ed448 key, and then passes a payload to system(). It’s RCE, not auth bypass, and gated/unreplayable.
I doubt that was intentional, they would likely want to hide that latency but the CPU time required to scan everything just is what it is.
https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b