SBA master student discovers flaw in Ruby on Rails
Rails 3.0.5 doesn’t validate the input for the X-Forwarded-For field in the header sent by clients with a class C remote-addr. (see: TRUSTED_PROXIES). (Security Focus, more details…)
News
SBA Newsletter
Upcoming events @ SBA
IKT-Sicherheitskonferenz 2025 & Young Researchers’ Day
25.06.2025 - 26.06.2025
SBA @ USENIX ATC ’25
09.07.2025
SHECURITY: Pizza & Conference Talks
17.07.2025
SBA Research at a glance
Detection of Null Pointer Dereference in MediaTek VoLTE Stack Firmware with sipgate and ISMK Stralsund
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
SBA Security Advisory – Null pointer dereference in MediaTek Modem (CVE-2025-20647)
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞
OCG Förderpreis 2025 Awarded to Daryna Oliynyk!
In 2025, the Austrian Computer Society (OCG) once again recognizes outstanding academic work in the fields… ∞