3DS System Flaws: Difference between revisions
Disclose flaws following 11.14 release |
SSLoth →Standalone Sysmodules |
||
| Line 1,021: | Line 1,021: | ||
! Timeframe this was added to wiki | ! Timeframe this was added to wiki | ||
! Discovered by | ! Discovered by | ||
|- | |||
| SSLoth: [[SSL_Services|SSL]] sysmodule improper certificate verification | |||
| Initially, the SSL sysmodule missed the R_VERIFY_RES_SIGNATURE entry in the "resource list" provided to the RSA BSAFE library. Consequently, it did not check signatures when validating certificate chains. | |||
| Forge fake certificates, spoof official servers and perform MitM attacks on SSL/TLS connections. | |||
| [[11.14.0-46]] | |||
| [[11.14.0-46]] | |||
| 2020 | |||
| December 18, 2020 | |||
| [[User:Nba_Yoh|MrNbaYoh]], shutterbug2000 (independently) | |||
|- | |- | ||
| [[CECD_Services|CECD:ndm]] SetNZoneMacFilter (cmd8) stack smashing | | [[CECD_Services|CECD:ndm]] SetNZoneMacFilter (cmd8) stack smashing | ||