Researchers have uncovered vulnerabilities in the widely deployed Ghostscript package that allows bad actors to remotely take control of vulnerable systems. There's no current patch available for the multiple flaws discovered.
Ghostscript is a suite of tools used by hundreds of software suites and coding libraries, which allows desktop software and web servers to handle Adobe Systems' PostScript and PDF page description languages.
Multiple bypass vulnerabilities, disclosed Tuesday, exist in the suite's optional -dSAFER feature, which is ironically supposed to prevent unsafe PostScript operations. By causing Ghostscript (or a program leveraging Ghostscript) to parse a specially-crafted malicious file, a remote, unauthenticated attacker may be able to execute arbitrary commands with the privileges of the Ghostscript code.
(Score: 2) by maxwell demon on Thursday August 23 2018, @09:14PM (5 children)
Turing completeness by itself is not dangerous. Jota [wikipedia.org] is a Turing-complete language, too, but I don't think you can do anything harmful with it. The worst you can do is eat processor cycles and RAM (it doesn't even have output!).
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Friday August 24 2018, @01:24PM (4 children)
you can rawhammer / spectre / meltdown with anything right into the kernel space.
(Score: 2) by maxwell demon on Friday August 24 2018, @02:37PM (3 children)
How do you use rawhammer or meltdown with a language that doesn't allow explicit memory addressing nor indices? How do you gain information via spectre with a language that neither supports timing? Not to mention that you would have a hard time to get on any information you might have gained from your program without any way to get any information out of your program?
Yes, Iota is a pretty useless language; it doesn't even allow you to write a Hello World program. But it is Turing complete.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by RamiK on Monday August 27 2018, @02:39PM (2 children)
Being Turing complete means you can implement every other language... So, pick up an embedded C compiler and library and target it to Iota. Then, run it all in a debugger to see how the interpreter ends up mapping the memory and change the compiler C runtime to match the mapping accurately. The timing is trickier... But it's all machine-code in the end so it's theoretically predictable and thus speculative-able.
Well, in theory...
compiling...
(Score: 2) by maxwell demon on Monday August 27 2018, @06:06PM (1 child)
Good luck implementing I/O in a language without I/O (note that a Turing machine doesn't do I/O either; the tape is its working memory; I/O is not included in Turing completeness!).
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by RamiK on Monday August 27 2018, @11:13PM
I guess you'd do that by corrupting your own stack to intentionally overflow and either exploit exception handling to output to stderr or enter the executable stack and syscall to stdout? Depending on the runtime interpreter and kernel you might have hooks in place as well even if the language isn't exposing functions for them... And I guess we can forgo screen output and exceed system memory so our stuff gets written to the swap area a moment before we exceed swap space and dump core :D
But really, this is all WAY out of my league so I give up at this point :D
compiling...