Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://chaos.social/users/christopherkunz/statuses/116691909326433179">Dr. Christopher Kunz (christopherkunz@chaos.social)'s status on Thursday, 04-Jun-2026 23:54:10 JST</a><a href="https://chaos.social/@christopherkunz" title="christopherkunz@chaos.social"><img src="https://gnusocial.jp/avatar/230467-48-20240109064907.webp" width="48" height="48" alt="Dr. Christopher Kunz" style="position: absolute; left: 0; top: 0;">Dr. Christopher Kunz</a><div><a href="https://infosec.exchange/@wdormann/116691898634149995" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://infosec.exchange/@wdormann">@wdormann</a> From what I read in the writeup (and the sparse other sources), you need a long enough DNS name on the victim host to trigger the overflow. I think 54 chars or more? This github has a possible explanation why the PoC fails under most normal conditions: <a href="https://github.com/ADScanPro/CVE-2026-41089-LongLogon" rel="nofollow">https://github.com/ADScanPro/CVE-2026-41089-LongLogon</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/6446003#notice-12701386">In conversation</a><time datetime="2026-06-04T23:54:10+09:00" title="Thursday, 04-Jun-2026 23:54:10 JST">about 4 days ago</time> <span>from <span><a href="https://chaos.social/@christopherkunz/116691909326433179" rel="external" title="Sent from chaos.social via ActivityPub">chaos.social</a></span></span><a href="https://chaos.social/@christopherkunz/116691909326433179">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: opengraph.githubassets.com</div><h5><a href="https://github.com/ADScanPro/CVE-2026-41089-LongLogon">GitHub - ADScanPro/CVE-2026-41089-LongLogon: CVE-2026-41089 checker: unauthenticated, non-destructive detection for the Netlogon CLDAP stack buffer overflow (CVSS 9.8). Reports whether a domain controller's domain is long enough to crash, without sending the overflow. The binary-verified analysis the public PoCs got wrong.</a></h5><div></div></header><div>CVE-2026-41089 checker: unauthenticated, non-destructive detection for the Netlogon CLDAP stack buffer overflow (CVSS 9.8). Reports whether a domain controller's domain is long enough to crash,...</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Dr. Christopher Kunz (christopherkunz@chaos.social)'s status on Thursday, 04-Jun-2026 23:54:10 JSTDr. Christopher Kunz
in reply to
- Will Dormann
@wdormann From what I read in the writeup (and the sparse other sources), you need a long enough DNS name on the victim host to trigger the overflow. I think 54 chars or more? This github has a possible explanation why the PoC fails under most normal conditions: https://github.com/ADScanPro/CVE-2026-41089-LongLogon
In conversationabout 4 days ago from chaos.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
  GitHub - ADScanPro/CVE-2026-41089-LongLogon: CVE-2026-41089 checker: unauthenticated, non-destructive detection for the Netlogon CLDAP stack buffer overflow (CVSS 9.8). Reports whether a domain controller's domain is long enough to crash, without sending the overflow. The binary-verified analysis the public PoCs got wrong.
  CVE-2026-41089 checker: unauthenticated, non-destructive detection for the Netlogon CLDAP stack buffer overflow (CVSS 9.8). Reports whether a domain controller's domain is long enough to crash,...

Public

Embed Notice

HTML Code

Corresponding Notice