Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Dive into a comprehensive case study on exploiting CVE-2023-20032, a heap-buffer-overflow vulnerability in ClamAV, an open-source antivirus engine maintained by Cisco. Explore the challenges of remotely exploiting antivirus software and learn about a unique technique to bypass ASLR. Understand the potential impact of compromising ClamAV, which is widely used in email servers and appliances, potentially allowing attackers to access emails and control network traffic. Gain insights into the large attack surface exposed by antivirus engines and the difficulties posed by modern mitigations. Discover the lessons learned from developing a reliable exploit that achieves remote code execution, and consider how this technique can be applied to similar targets.