home.social

#fulldisclosure — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #fulldisclosure, aggregated by home.social.

  1. #Signalapp doesn't actually delete messages when they're deleted (either manually or by automation). The message deletion is written to Write-ahead Log, and the data is only truly deleted once Signal is restarted or threshold of 1000 pages is reached. For macOS Signal application, extra complication arises from the fact that the signal message database can be backed up before the database consolidation occurs. Large amount of the supposedly already deleted messages could be recovered from the device or backups.

    This concerns use cases where deleting messages actually getting removed in timely manner is of high importance and recovery of the deleted messages could lead to grave consequences.

    TL;DR: If you don't care about deleted messages being actually deleted you don't need to worry.

    Full advisory at: sintonen.fi/advisories/signal-

    #fulldisclosure #infosec #cybersecurity

  2. #Signalapp doesn't actually delete messages when they're deleted (either manually or by automation). The message deletion is written to Write-ahead Log, and the data is only truly deleted once Signal is restarted or threshold of 1000 pages is reached. For macOS Signal application, extra complication arises from the fact that the signal message database can be backed up before the database consolidation occurs. Large amount of the supposedly already deleted messages could be recovered from the device or backups.

    This concerns use cases where deleting messages actually getting removed in timely manner is of high importance and recovery of the deleted messages could lead to grave consequences.

    TL;DR: If you don't care about deleted messages being actually deleted you don't need to worry.

    Full advisory at: sintonen.fi/advisories/signal-

    #fulldisclosure #infosec #cybersecurity

  3. #Signalapp doesn't actually delete messages when they're deleted (either manually or by automation). The message deletion is written to Write-ahead Log, and the data is only truly deleted once Signal is restarted or threshold of 1000 pages is reached. For macOS Signal application, extra complication arises from the fact that the signal message database can be backed up before the database consolidation occurs. Large amount of the supposedly already deleted messages could be recovered from the device or backups.

    This concerns use cases where deleting messages actually getting removed in timely manner is of high importance and recovery of the deleted messages could lead to grave consequences.

    TL;DR: If you don't care about deleted messages being actually deleted you don't need to worry.

    Full advisory at: sintonen.fi/advisories/signal-

    #fulldisclosure #infosec #cybersecurity

  4. #Signalapp doesn't actually delete messages when they're deleted (either manually or by automation). The message deletion is written to Write-ahead Log, and the data is only truly deleted once Signal is restarted or threshold of 1000 pages is reached. For macOS Signal application, extra complication arises from the fact that the signal message database can be backed up before the database consolidation occurs. Large amount of the supposedly already deleted messages could be recovered from the device or backups.

    This concerns use cases where deleting messages actually getting removed in timely manner is of high importance and recovery of the deleted messages could lead to grave consequences.

    TL;DR: If you don't care about deleted messages being actually deleted you don't need to worry.

    Full advisory at: sintonen.fi/advisories/signal-

    #fulldisclosure #infosec #cybersecurity

  5. #Signalapp doesn't actually delete messages when they're deleted (either manually or by automation). The message deletion is written to Write-ahead Log, and the data is only truly deleted once Signal is restarted or threshold of 1000 pages is reached. For macOS Signal application, extra complication arises from the fact that the signal message database can be backed up before the database consolidation occurs. Large amount of the supposedly already deleted messages could be recovered from the device or backups.

    This concerns use cases where deleting messages actually getting removed in timely manner is of high importance and recovery of the deleted messages could lead to grave consequences.

    TL;DR: If you don't care about deleted messages being actually deleted you don't need to worry.

    Full advisory at: sintonen.fi/advisories/signal-

    #fulldisclosure #infosec #cybersecurity

  6. Plethore of critical #Linksys MX4200 Wi-Fi router vulnerabilities (that were originally reported to Linksys nearly a year ago!) are still unfixed:

    - [SYSS-2025-001] Linksys MX9600/MX4200 - Path Traversal seclists.org/fulldisclosure/20
    - [SYSS-2025-002] Linksys MX9600/MX4200 - Missing Authentication for Critical Function seclists.org/fulldisclosure/20
    - [SYSS-2025-009] Linksys MX9600/MX4200 - SQL Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-010] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-011] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-014] Linksys MX4200 - Improper Verification of Source of a Communication Channel
    seclists.org/fulldisclosure/20

    On first read it might appear that many of these vulnerabilities would only be exploitable by accessing the device non-WAN interface(s) from inside the local network. However, due to the SYSS-2025-014 vulnerability the normally "LAN only RCE" vulnerabilities (SYSS-2025-010 and -011) and SQL injection (SYSS-2025-009) can be performed from the WAN interface (read: the internet). The attacker merely needs to make the connection originate from port 5222 (which is trivial to arrange via local bind before connect).

    Update: Users of Linksys MX4200 should upgrade to firmware version 2.0.7.216620 or later. While not all of the security issues are fixed, it at least should stop the attacks via the WAN interface (SYSS-2025-014). support.linksys.com/kb/article

    #linksys #fulldisclosure #vulnerability #infosec #cybersecurity

  7. Plethore of critical #Linksys MX4200 Wi-Fi router vulnerabilities (that were originally reported to Linksys nearly a year ago!) are still unfixed:

    - [SYSS-2025-001] Linksys MX9600/MX4200 - Path Traversal seclists.org/fulldisclosure/20
    - [SYSS-2025-002] Linksys MX9600/MX4200 - Missing Authentication for Critical Function seclists.org/fulldisclosure/20
    - [SYSS-2025-009] Linksys MX9600/MX4200 - SQL Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-010] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-011] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-014] Linksys MX4200 - Improper Verification of Source of a Communication Channel
    seclists.org/fulldisclosure/20

    On first read it might appear that many of these vulnerabilities would only be exploitable by accessing the device non-WAN interface(s) from inside the local network. However, due to the SYSS-2025-014 vulnerability the normally "LAN only RCE" vulnerabilities (SYSS-2025-010 and -011) and SQL injection (SYSS-2025-009) can be performed from the WAN interface (read: the internet). The attacker merely needs to make the connection originate from port 5222 (which is trivial to arrange via local bind before connect).

    Update: Users of Linksys MX4200 should upgrade to firmware version 2.0.7.216620 or later. While not all of the security issues are fixed, it at least should stop the attacks via the WAN interface (SYSS-2025-014). support.linksys.com/kb/article

    #linksys #fulldisclosure #vulnerability #infosec #cybersecurity

  8. Plethore of critical #Linksys MX4200 Wi-Fi router vulnerabilities (that were originally reported to Linksys nearly a year ago!) are still unfixed:

    - [SYSS-2025-001] Linksys MX9600/MX4200 - Path Traversal seclists.org/fulldisclosure/20
    - [SYSS-2025-002] Linksys MX9600/MX4200 - Missing Authentication for Critical Function seclists.org/fulldisclosure/20
    - [SYSS-2025-009] Linksys MX9600/MX4200 - SQL Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-010] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-011] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-014] Linksys MX4200 - Improper Verification of Source of a Communication Channel
    seclists.org/fulldisclosure/20

    On first read it might appear that many of these vulnerabilities would only be exploitable by accessing the device non-WAN interface(s) from inside the local network. However, due to the SYSS-2025-014 vulnerability the normally "LAN only RCE" vulnerabilities (SYSS-2025-010 and -011) and SQL injection (SYSS-2025-009) can be performed from the WAN interface (read: the internet). The attacker merely needs to make the connection originate from port 5222 (which is trivial to arrange via local bind before connect).

    Update: Users of Linksys MX4200 should upgrade to firmware version 2.0.7.216620 or later. While not all of the security issues are fixed, it at least should stop the attacks via the WAN interface (SYSS-2025-014). support.linksys.com/kb/article

    #linksys #fulldisclosure #vulnerability #infosec #cybersecurity

  9. Plethore of critical #Linksys MX4200 Wi-Fi router vulnerabilities (that were originally reported to Linksys nearly a year ago!) are still unfixed:

    - [SYSS-2025-001] Linksys MX9600/MX4200 - Path Traversal seclists.org/fulldisclosure/20
    - [SYSS-2025-002] Linksys MX9600/MX4200 - Missing Authentication for Critical Function seclists.org/fulldisclosure/20
    - [SYSS-2025-009] Linksys MX9600/MX4200 - SQL Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-010] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-011] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-014] Linksys MX4200 - Improper Verification of Source of a Communication Channel
    seclists.org/fulldisclosure/20

    On first read it might appear that many of these vulnerabilities would only be exploitable by accessing the device non-WAN interface(s) from inside the local network. However, due to the SYSS-2025-014 vulnerability the normally "LAN only RCE" vulnerabilities (SYSS-2025-010 and -011) and SQL injection (SYSS-2025-009) can be performed from the WAN interface (read: the internet). The attacker merely needs to make the connection originate from port 5222 (which is trivial to arrange via local bind before connect).

    Update: Users of Linksys MX4200 should upgrade to firmware version 2.0.7.216620 or later. While not all of the security issues are fixed, it at least should stop the attacks via the WAN interface (SYSS-2025-014). support.linksys.com/kb/article

    #linksys #fulldisclosure #vulnerability #infosec #cybersecurity

  10. Plethore of critical #Linksys MX4200 Wi-Fi router vulnerabilities (that were originally reported to Linksys nearly a year ago!) are still unfixed:

    - [SYSS-2025-001] Linksys MX9600/MX4200 - Path Traversal seclists.org/fulldisclosure/20
    - [SYSS-2025-002] Linksys MX9600/MX4200 - Missing Authentication for Critical Function seclists.org/fulldisclosure/20
    - [SYSS-2025-009] Linksys MX9600/MX4200 - SQL Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-010] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-011] Linksys MX9600/MX4200 - OS Command Injection seclists.org/fulldisclosure/20
    - [SYSS-2025-014] Linksys MX4200 - Improper Verification of Source of a Communication Channel
    seclists.org/fulldisclosure/20

    On first read it might appear that many of these vulnerabilities would only be exploitable by accessing the device non-WAN interface(s) from inside the local network. However, due to the SYSS-2025-014 vulnerability the normally "LAN only RCE" vulnerabilities (SYSS-2025-010 and -011) and SQL injection (SYSS-2025-009) can be performed from the WAN interface (read: the internet). The attacker merely needs to make the connection originate from port 5222 (which is trivial to arrange via local bind before connect).

    Update: Users of Linksys MX4200 should upgrade to firmware version 2.0.7.216620 or later. While not all of the security issues are fixed, it at least should stop the attacks via the WAN interface (SYSS-2025-014). support.linksys.com/kb/article

    #linksys #fulldisclosure #vulnerability #infosec #cybersecurity

  11. Full disclosure in computer security still exists and is complementary to other disclosure models. The evolution of vulnerability disclosure is not linear from full disclosure to responsible disclosure to coordinated disclosure. These models coexist and all need to be taken into account.

    You can’t just say “the legal framework will solve it” or “just do coordinated disclosure.” Vendors, researchers, and users are not all rational actors playing the same game.

    Vulnerability disclosure is more complex than that, and if you actually want to address the issue, you can’t just say “it doesn’t exist.”

    #cve #gcve #vulnerabilitymanagement #cybersecurity #fulldisclosure #vulnerability

  12. Full disclosure in computer security still exists and is complementary to other disclosure models. The evolution of vulnerability disclosure is not linear from full disclosure to responsible disclosure to coordinated disclosure. These models coexist and all need to be taken into account.

    You can’t just say “the legal framework will solve it” or “just do coordinated disclosure.” Vendors, researchers, and users are not all rational actors playing the same game.

    Vulnerability disclosure is more complex than that, and if you actually want to address the issue, you can’t just say “it doesn’t exist.”

    #cve #gcve #vulnerabilitymanagement #cybersecurity #fulldisclosure #vulnerability

  13. Full disclosure in computer security still exists and is complementary to other disclosure models. The evolution of vulnerability disclosure is not linear from full disclosure to responsible disclosure to coordinated disclosure. These models coexist and all need to be taken into account.

    You can’t just say “the legal framework will solve it” or “just do coordinated disclosure.” Vendors, researchers, and users are not all rational actors playing the same game.

    Vulnerability disclosure is more complex than that, and if you actually want to address the issue, you can’t just say “it doesn’t exist.”

    #cve #gcve #vulnerabilitymanagement #cybersecurity #fulldisclosure #vulnerability

  14. Full disclosure in computer security still exists and is complementary to other disclosure models. The evolution of vulnerability disclosure is not linear from full disclosure to responsible disclosure to coordinated disclosure. These models coexist and all need to be taken into account.

    You can’t just say “the legal framework will solve it” or “just do coordinated disclosure.” Vendors, researchers, and users are not all rational actors playing the same game.

    Vulnerability disclosure is more complex than that, and if you actually want to address the issue, you can’t just say “it doesn’t exist.”

    #cve #gcve #vulnerabilitymanagement #cybersecurity #fulldisclosure #vulnerability

  15. Full disclosure in computer security still exists and is complementary to other disclosure models. The evolution of vulnerability disclosure is not linear from full disclosure to responsible disclosure to coordinated disclosure. These models coexist and all need to be taken into account.

    You can’t just say “the legal framework will solve it” or “just do coordinated disclosure.” Vendors, researchers, and users are not all rational actors playing the same game.

    Vulnerability disclosure is more complex than that, and if you actually want to address the issue, you can’t just say “it doesn’t exist.”

    #cve #gcve #vulnerabilitymanagement #cybersecurity #fulldisclosure #vulnerability

  16. I gave no idea, zero (0), how they got a high severity CVSS out of missing response headers. I mean, are they important? Sure! Don't you put that on reports, Bill? You bet! 8.3 severity? I'd be laughed out of the readout call.

    seclists.org/fulldisclosure/20

    #fulldisclosure #cvss

  17. I gave no idea, zero (0), how they got a high severity CVSS out of missing response headers. I mean, are they important? Sure! Don't you put that on reports, Bill? You bet! 8.3 severity? I'd be laughed out of the readout call.

    seclists.org/fulldisclosure/20

    #fulldisclosure #cvss

  18. I gave no idea, zero (0), how they got a high severity CVSS out of missing response headers. I mean, are they important? Sure! Don't you put that on reports, Bill? You bet! 8.3 severity? I'd be laughed out of the readout call.

    seclists.org/fulldisclosure/20

    #fulldisclosure #cvss

  19. I gave no idea, zero (0), how they got a high severity CVSS out of missing response headers. I mean, are they important? Sure! Don't you put that on reports, Bill? You bet! 8.3 severity? I'd be laughed out of the readout call.

    seclists.org/fulldisclosure/20

    #fulldisclosure #cvss

  20. I gave no idea, zero (0), how they got a high severity CVSS out of missing response headers. I mean, are they important? Sure! Don't you put that on reports, Bill? You bet! 8.3 severity? I'd be laughed out of the readout call.

    seclists.org/fulldisclosure/20

    #fulldisclosure #cvss

  21. I can't think of anything more repulsive than the Andromedan virus who thinks everything is a joke... The Andromedan virus will think it's a joke... but it is Animal Farm; disclosure 101 #animalfarm #orwell #fulldisclosure

  22. I can't think of anything more repulsive than the Andromedan virus who thinks everything is a joke... The Andromedan virus will think it's a joke... but it is Animal Farm; disclosure 101 #animalfarm #orwell #fulldisclosure

  23. To everyone using #MintLinux:

    Please run `sudo passwd` and set a password for your root shell right now!

    Failing to do so will keep your system wounderable to a password-less recovery root shell, which's only security measure asking you to press "Enter", nothing else.

    I am doing #FullDisclosure of this massive #SecurityBreach right now, as this huge problem is apparently known for years already, but nobody seems to care at @linuxmint

    forums.linuxmint.com/viewtopic.

    What the...

    #RootShell #Linux

  24. To everyone using #MintLinux:

    Please run `sudo passwd` and set a password for your root shell right now!

    Failing to do so will keep your system wounderable to a password-less recovery root shell, which's only security measure asking you to press "Enter", nothing else.

    I am doing #FullDisclosure of this massive #SecurityBreach right now, as this huge problem is apparently known for years already, but nobody seems to care at @linuxmint

    forums.linuxmint.com/viewtopic.

    What the...

    #RootShell #Linux

  25. To everyone using #MintLinux:

    Please run `sudo passwd` and set a password for your root shell right now!

    Failing to do so will keep your system wounderable to a password-less recovery root shell, which's only security measure asking you to press "Enter", nothing else.

    I am doing #FullDisclosure of this massive #SecurityBreach right now, as this huge problem is apparently known for years already, but nobody seems to care at @linuxmint

    forums.linuxmint.com/viewtopic.

    What the...

    #RootShell #Linux

  26. To everyone using #MintLinux:

    Please run `sudo passwd` and set a password for your root shell right now!

    Failing to do so will keep your system wounderable to a password-less recovery root shell, which's only security measure asking you to press "Enter", nothing else.

    I am doing #FullDisclosure of this massive #SecurityBreach right now, as this huge problem is apparently known for years already, but nobody seems to care at @linuxmint

    forums.linuxmint.com/viewtopic.

    What the...

    #RootShell #Linux

  27. To everyone using #MintLinux:

    Please run `sudo passwd` and set a password for your root shell right now!

    Failing to do so will keep your system wounderable to a password-less recovery root shell, which's only security measure asking you to press "Enter", nothing else.

    I am doing #FullDisclosure of this massive #SecurityBreach right now, as this huge problem is apparently known for years already, but nobody seems to care at @linuxmint

    forums.linuxmint.com/viewtopic.

    What the...

    #RootShell #Linux

  28. Lisäänpä heti tähän samaan ketjuun, että kyllä, ajan polkupyörällä, vaikka tällä hetkellä en työmatkaa sillä tyypillisesti taitakaan (lähinnä lenkkeilen). Ja ajan autolla, km-määrissä ihan selvästi enemmän kuin pyörillä.

    En silti preferoi autoa enkä varsinkaan kaupunki-infra-asioissa. Raivostuttavaa ajaa pyörällä, kun se on vähiten tärkeä liikkumismuoto kaupungin infrassa ja suunnittelussa.

    #fullDisclosure

  29. Lisäänpä heti tähän samaan ketjuun, että kyllä, ajan polkupyörällä, vaikka tällä hetkellä en työmatkaa sillä tyypillisesti taitakaan (lähinnä lenkkeilen). Ja ajan autolla, km-määrissä ihan selvästi enemmän kuin pyörillä.

    En silti preferoi autoa enkä varsinkaan kaupunki-infra-asioissa. Raivostuttavaa ajaa pyörällä, kun se on vähiten tärkeä liikkumismuoto kaupungin infrassa ja suunnittelussa.

    #fullDisclosure

  30. Lisäänpä heti tähän samaan ketjuun, että kyllä, ajan polkupyörällä, vaikka tällä hetkellä en työmatkaa sillä tyypillisesti taitakaan (lähinnä lenkkeilen). Ja ajan autolla, km-määrissä ihan selvästi enemmän kuin pyörillä.

    En silti preferoi autoa enkä varsinkaan kaupunki-infra-asioissa. Raivostuttavaa ajaa pyörällä, kun se on vähiten tärkeä liikkumismuoto kaupungin infrassa ja suunnittelussa.

    #fullDisclosure

  31. Lisäänpä heti tähän samaan ketjuun, että kyllä, ajan polkupyörällä, vaikka tällä hetkellä en työmatkaa sillä tyypillisesti taitakaan (lähinnä lenkkeilen). Ja ajan autolla, km-määrissä ihan selvästi enemmän kuin pyörillä.

    En silti preferoi autoa enkä varsinkaan kaupunki-infra-asioissa. Raivostuttavaa ajaa pyörällä, kun se on vähiten tärkeä liikkumismuoto kaupungin infrassa ja suunnittelussa.

  32. Lisäänpä heti tähän samaan ketjuun, että kyllä, ajan polkupyörällä, vaikka tällä hetkellä en työmatkaa sillä tyypillisesti taitakaan (lähinnä lenkkeilen). Ja ajan autolla, km-määrissä ihan selvästi enemmän kuin pyörillä.

    En silti preferoi autoa enkä varsinkaan kaupunki-infra-asioissa. Raivostuttavaa ajaa pyörällä, kun se on vähiten tärkeä liikkumismuoto kaupungin infrassa ja suunnittelussa.

    #fullDisclosure