NEWS > Research Blog
October 13, 2017
Advisory X41-2017-010: Command Execution in shadowsocks-libev
Niklas Abel of X41 discovered command execution in shadowsocks-libev.
October 13, 2017
Advisory X41-2017-008: Multiple Vulnerabilities in shadowsocks
Niklas Abel of X41 discovered multiple vulnerabilities in shadowsocks.
September 18, 2017
X41 D-Sec GmbH releases Browser Security White Paper, assessing Google Chrome, Microsoft Edge, and Internet Explorer
X41 D-Sec GmbH (“X41”) - a research driven IT-Security company - released an in-depth analysis of the three leading enterprise web browsers Google Chrome, Microsoft Edge, and Internet Explorer.
June 05, 2017
Peplink Vulnerability Hunting
During a recent penetration test for a customer several vulnerabilities in peplink devices were uncovered.
April 13, 2017
HITBSECCONF17 - Markus Vervier Presents Research On Signal
Markus Vervier will present research on the Signal Private Messenger in Amsterdam at HITBSECCONF17.
March 21, 2017
Wanted - Junior Security Consultant
We are looking for a junior security consultant in the Aachen or Rhein-Main area.
March 20, 2017
TROOPERS17 - Signal Presentation And Meet-Up
X41 will be present at TROOPERS17 in Heidelberg and Markus Vervier will present research on the Signal Private Messenger
February 28, 2017
Advisory X41-2017-001: Multiple Vulnerabilities in X.org
Eric Sesterhenn of X41 discovered multiple vulnerabilities in X.org and related libraries.
February 27, 2017
winmail.dat considered harmful
X41 had a quick look at different TNEF tools, which help to extract winmail.dat files. This is what we found
February 27, 2017
Advisory X41-2017-003: Directory Traversal in ktnef
X41 in person of Eric Sesterhenn noticed a directory traversal in ktnef, which is used to extract winmail.dat files.
February 23, 2017
Advisory X41-2017-04: Multiple Vulnerabilities in tnef
Eric Sesterhenn of X41 found multiple vulnerabilities in the tnef tool which is used to extract winmail.dat files.
February 15, 2017
Advisory X41-2017-02: Multiple Vulnerabilities in ytnef
Eric Sesterhenn of X41 found multiple vulnerabilities in the ytnef TNEF library which is used to extract winmail.dat files.
February 09, 2017
Wire Cryptography Audit (with Kudelski Security)
X41 D-Sec's Markus Vervier and Kudelski Security's JP Aumasson were hired to audit Wire's cryptography core, the proteus library.
September 22, 2016
Vulnerabilities in Signal Private Messenger
Two vulnerabilities in signal have been uncovered by Markus Vervier and Jean-Philippe Aumasson, which allow attackers to modify encrypted attachments and crash the Signal app permanently.
March 09, 2016
Advisory X41-2016-001: Memory Corruption Vulnerability in libotrrr
X41 found a memory corruption vulnerability in the widely used libotr library.