BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.devconf.info//devconf-us-2025//talk//GNFAGV
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-devconf-us-2025-GNFAGV@pretalx.devconf.info
DTSTART;TZID=EST:20250919T152000
DTEND;TZID=EST:20250919T155500
DESCRIPTION:In this talk\, we’ll explore in detail about Remote Code Exec
 ution (RCE) and Arbitrary Command Execution attacks by diving into real-wo
 rld vulnerabilities. I intend to explain how attackers exploit popular ope
 n source libraries through specific CVEs.\n\nVulnerabilities that we will 
 look into: (See notes for detailed explanation)\n\n- CVE-2024-47076: cups-
 filters: \nA vulnerability in CUPS allows attackers to exploit a flaw in h
 ow it processes print requests. By sending a malformed request\, an attack
 er can trigger a memory issue\, potentially leading to the attacker taking
  control of the system. \n\n- CVE-2024-6345: python-setuptools: \nAttacker
 s can leverage weaknesses in the package_index module to run arbitrary cod
 e during package downloads\, potentially compromising entire Python build 
 environments. \n\n- CVE-2024-32002: git:\nA vulnerability enables code exe
 cution during the cloning of local repositories\, posing a risk to version
  control workflows.\n\nThis session includes a live demo showcasing an att
 ack scenario in a controlled environment\, providing attendees with practi
 cal insights into exploit execution.
DTSTAMP:20260310T094736Z
LOCATION:106 (Capacity 45)
SUMMARY:Unveiling Remote Code Execution: How Vulnerabilities Lead to System
  Takeovers - Suyash Nalawade
URL:https://pretalx.devconf.info/devconf-us-2025/talk/GNFAGV/
END:VEVENT
END:VCALENDAR