2,000+ Free Courses with Certificates: Coding, AI, SQL, and More
AI, Data Science & Cloud Certificates from Google, IBM & Meta
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a comprehensive analysis of memory corruption vulnerabilities discovered in ncurses, identified as CVE-2023-29491, in this 44-minute conference talk from the 44CON Information Security Conference. Delve into the potential impacts of these vulnerabilities, ranging from memory leaks and denial-of-service attacks to privilege escalation and arbitrary code execution. Learn about the history of ncurses, a widely-used library for developing text-based user interface programs, and understand its significance in various operating systems. Discover the process of selecting ncurses for scrutiny, the concept of terminal databases and terminfo format, and how a single environment variable can trigger these vulnerabilities. Gain insights from Emanuele Cozzi, a Security Researcher at Microsoft Defender, as he shares his expertise in Linux security, binary analysis, and malware research.
Syllabus
Emanuele Cozzi - Uncursing the ncurses
Taught by
44CON Information Security Conference