Hey there,
I am going to disclose two bug classes I found a while ago in CheckPoint R77.30: Two buffer overflows in the username (no shit) and HTTP method of a request to the administrative UI pre-auth and some interesting injections into the TCL web interface.
Continue reading “Hilarious Buffer Overflow Mitigation and TCL Injection in CheckPoint Gaia Portal”
Continue reading