The Linux binaries \(nordvpn and nordvpnd\) don't use PIE/ASLR
Posted: Tue Jan 14, 2025 4:46 am
The Linux binaries nordvpn and nordvpnd don't have PIE/ASLR enabled. A such feature is used to harden programs against the exploitation of memory corruption bugs and should be enabled.
The use of ASLR has long been debated among the Golang community. However, it seems that it's becoming the default choice now.
https://hackerone.com/reports/817244
The use of ASLR has long been debated among the Golang community. However, it seems that it's becoming the default choice now.
https://hackerone.com/reports/817244