The following is a wishlist of vulnerabilities we want to add or perfect in the future
- Buffer overflow needs a better exploit; overwriting the stack pointer would be ideal, but this is architecture-dependent.
- A better PRNG crack that breaks java.util.Random, but doesn't break SecureRandom
- Some more web vulnerabilities, ones that demonstrate different concepts than just injection
- OS command injection needs an "even better" coding example that uses the underlying API
- Uninitialized pointer (e.g. https://access.redhat.com/security/cve/CVE-2012-6542)
- Race conditions - maybe https://www.redhat.com/security/data/cve/CVE-2013-0871.html
- Use-after-free vulnerabilities
Ideas for new VotDs
- Cache poisoning. Dig up the details on the ARP and DNS cache poisoning vulnerabilities. Build a simple cache and show conceptually how the poisoning works.
- Core dumps. Information disclosure through core dump files. Show how to trace through them, and how to configure the system so they are turned off.
- PHP include vulnerabilities.
- Poor hashcodes leading to a denial of service
- Using plain JavaScript to parse JSON can lead to XSS (or just JS injection). Is this relevant? It's certainly possible.