I laughed at the description of `sendmail` as “... less a mail transfer agent and more a recurring CVE subscription.”
We Asked Claude to Audit Sagredo's qmail. It found a RCE.
One prompt, 101 minutes, and a working exploit against a widely deployed qmail fork.
(blog.calif.io)
-
Is that code really using popen invoking touch to do the equivalent of open?
-
@david_chisnall Feels like the kind of vulnerability that you shouldn’t need 101 minutes of “AI” time to detect.
-
I don't know, you'd probably have to pay a human a lot to be willing to look at code like that...