Researcher discloses zero-day vulnerability in FireEye (csoonline.com) 29 points by wglb 10y ago ↗ HN
[–] ddddddddq 10y ago ↗ Here's the exploit posting that they refer to in the first paragraph: https://www.exploit-db.com/exploits/38090/ [–] jessaustin 10y ago ↗ ...&name=../../../../../../../../../../../etc/passwd... There's nothing like the old classics...
[–] jessaustin 10y ago ↗ ...&name=../../../../../../../../../../../etc/passwd... There's nothing like the old classics...
[–] tptacek 10y ago ↗ One reason these vulnerabilities are so common is that the admin interfaces of appliances like FireEye's aren't normally exposed on the Internet. [–] [deleted] 10y ago ↗ (comment deleted) [–] wglb 10y ago ↗ Ah, but there is no perimeter!
[–] qCOVET 10y ago ↗ A cyber security company that does this"the box has Apache, pushing PHP, running as root."is not a cyber security company .. lol
6 comments
[ 3.0 ms ] story [ 23.4 ms ] thread"the box has Apache, pushing PHP, running as root."
is not a cyber security company .. lol