Post Ay099ieINuFtw8hNtg by [email protected] | |
Post #AxzjFt2G5DQR4yBgZs by [email protected] | |
0 likes, 4 repeats | |
I told Joshua Aaron, developer of ICEBlock, that he was running a vulnerable ve… | |
Post #Axzm1WFIJlY6Cr7qjo by [email protected] | |
0 likes, 1 repeats | |
@micahflee Please note that installing the latest Ubuntu security updates for A… | |
Post #Axzp5AU3TBknjYSfAG by [email protected] | |
0 likes, 2 repeats | |
@micahflee you did the right thing. | |
Post #AxzrQ01rjcxpIaKwxk by [email protected] | |
0 likes, 0 repeats | |
@micahflee there’s a lot to say, actually: https://www.shodan.io/host/69.164.… | |
Post #AxzrQ09fGdCbglzB7Q by [email protected] | |
0 likes, 1 repeats | |
@patpro @micahflee Dude has more brands than a stolen cow. | |
Post #AxzsaWajciIh8hEHVw by [email protected] | |
0 likes, 0 repeats | |
@micahflee Can you clarify whether you have any reason to believe it's actu… | |
Post #AxzsaWhpCLyJUgXwZ6 by [email protected] | |
0 likes, 0 repeats | |
Yeah, an unauthenticated nmap scan getting back a banner header is essentially … | |
Post #AxzsaWpGkfvVrm1tAW by [email protected] | |
0 likes, 1 repeats | |
Furthermore, that particular CVE only creates a vulnerable configuration if the… | |
Post #AxzsaXFr9pC5CET7bs by [email protected] | |
0 likes, 0 repeats | |
It's a valid discussion of whether the app is useful or not, but goddamn...… | |
Post #AxzwS8ZJSKL28KoupM by [email protected] | |
0 likes, 0 repeats | |
@JessTheUnstill @micahflee Exactly. I ignore "vuln reporters" who cop… | |
Post #Ay00ZR0XhIq9AJI9kO by [email protected] | |
0 likes, 0 repeats | |
@JessTheUnstill @dalias @[email protected] ^^^This, so much this. This … | |
Post #Ay05vMcLCVkzgsFQFE by [email protected] | |
0 likes, 0 repeats | |
@micahflee seems to be up to date now! | |
Post #Ay05vMj4nT921lOnk8 by [email protected] | |
0 likes, 1 repeats | |
@compi it worked! | |
Post #Ay09040E8YspGhLwQ4 by [email protected] | |
0 likes, 0 repeats | |
@micahflee GASP. You mean the closet corporate shill is a scammer whose sole aim… | |
Post #Ay090GyZu0HxVLgJ9c by [email protected] | |
0 likes, 0 repeats | |
@[email protected] @[email protected] But... If Aaron was using U… | |
Post #Ay090H5JUxfzqEpgeW by [email protected] | |
0 likes, 0 repeats | |
@Orca @micahflee I assume he is using Mantic (which is no longer supported as i… | |
Post #Ay090HD71xumEQTuoC by [email protected] | |
0 likes, 0 repeats | |
@[email protected] @[email protected] Yes that's one possibi… | |
Post #Ay092bZmHbbhyQC384 by [email protected] | |
0 likes, 0 repeats | |
@JessTheUnstill can't tell if "beg bounties" is a typo or a funni… | |
Post #Ay093Zrw7Dmcy79OlM by [email protected] | |
0 likes, 0 repeats | |
@micahflee ironically, these are the same people saying android isn't secure | |
Post #Ay093xPOazDJyXywbo by [email protected] | |
0 likes, 0 repeats | |
Update: He has updated Apache to 2.4.65! Public disclosure after getting privat… | |
Post #Ay093xWq9JAWLdStDE by [email protected] | |
0 likes, 0 repeats | |
@micahflee immediate disclosure seems to be the only thing ego and large compan… | |
Post #Ay094D7CCQA8gjadSi by [email protected] | |
0 likes, 0 repeats | |
@micahflee For someone just trying to help their neighbors. I want to make sure … | |
Post #Ay094DEzjQOv4vErcO by [email protected] | |
0 likes, 0 repeats | |
@MR_E @micahflee I too would like to know whether this vulnerability poses a ri… | |
Post #Ay095PtIBWbYbKf5hg by [email protected] | |
0 likes, 0 repeats | |
@micahflee I'm kinda surprised people are still using Apache. I tried it yea… | |
Post #Ay095uHRCJkCquBnVI by [email protected] | |
0 likes, 0 repeats | |
@micahflee how hard is it to have a cronjob that auto update/upgrade everything. | |
Post #Ay096Xn0ItARO6G3cW by [email protected] | |
0 likes, 0 repeats | |
@xyhhx @JessTheUnstill @dalias @micahflee it's a real term, referring to pe… | |
Post #Ay096lm6J2lOlLwX9k by [email protected] | |
0 likes, 0 repeats | |
It’ll be the latter. @dalias @JessTheUnstill @xyhhx @micahflee | |
Post #Ay096lubnPZLBjvKPw by [email protected] | |
0 likes, 0 repeats | |
https://www.computerweekly.com/feature/Dealing-with-the-challenge-of-beg-bounti… | |
Post #Ay0973xkgSmLAhX5oe by [email protected] | |
0 likes, 0 repeats | |
@h0ng10 @micahflee This is a fairly common mistake too and causes a lot of bull… | |
Post #Ay09745CEmjXXn12Q4 by [email protected] | |
0 likes, 0 repeats | |
@buherator @h0ng10 @micahflee my general policy when I'm configuring ASF ht… | |
Post #Ay098f5I9UdMakp0oS by [email protected] | |
0 likes, 0 repeats | |
@starluna @MR_E Patpro linked a list upstream (https://social.patpro.net/@patpr… | |
Post #Ay098fCjhoaYxqIxPs by [email protected] | |
0 likes, 0 repeats | |
@Mabande @MR_E Allow me to restate what I think you're saying to make sure … | |
Post #Ay099glJOqgC5JxxYW by [email protected] | |
0 likes, 0 repeats | |
@patpro @micahflee That's a lot of OOOF | |
Post #Ay099ieINuFtw8hNtg by [email protected] | |
0 likes, 0 repeats | |
@micahflee It seems that all of this would've been solved if he open source… | |
Post #Ay09CBnoxlmivzKeUC by [email protected] | |
0 likes, 0 repeats | |
https://www.computerweekly.com/feature/Dealing-with-the-challenge-of-beg-bounti… | |
Post #Ay09DOL1qEJk6PRDWK by [email protected] | |
0 likes, 0 repeats | |
@micahflee ICE Block uses your location to "anonymously" report ICE s… | |
Post #Ay09DosbA2cQQ3LOSG by [email protected] | |
0 likes, 0 repeats | |
@starluna @MR_E 1. Yes, exactly. 2. Yes, depending on which permissions the app … | |
Post #Ay09G9jkaKhJgbJsIK by [email protected] | |
0 likes, 0 repeats | |
@VulpineAmethyst @h0ng10 @micahflee This is a totally different question (even … | |
Post #Ay09GCwGgFUdcICPiq by [email protected] | |
0 likes, 0 repeats | |
@h0ng10 @micahflee common {ubuntu,debian} L | |
Post #Ay09IqH9Ok36CGDtOy by [email protected] | |
0 likes, 0 repeats | |
@micahflee I haven't followed this closely so I'm probably missing a lo… | |
Post #Ay09JOKWmgx7oa44O0 by [email protected] | |
0 likes, 0 repeats | |
@micahflee Still, an immature reaction by him, especially since it is just a si… | |
Post #Ay09L2pZgmOTiPNIwK by [email protected] | |
0 likes, 0 repeats | |
@starluna The Bluesky post linked in the blog post *seems* to me to indicate th… | |
Post #Ay09MHfzylUC30UFCi by [email protected] | |
0 likes, 0 repeats | |
"(Which, honestly, isn't very fair, since I'm not ICE.)" lol | |
Post #Ay09TefQtjZhNajkGm by [email protected] | |
0 likes, 1 repeats | |
@micahflee public disclosure usually works, period. It's kind of you to ha… | |
Post #Ay0EyNGi8SuAAMdn7Y by [email protected] | |
0 likes, 0 repeats | |
Pretty hard if you actually want your environment to not break randomly when an… | |
Post #Ay0F2FfqJXbzloFFc8 by [email protected] | |
0 likes, 0 repeats | |
They definitely do not have any reason and this is a bad-faith post for clicks.… | |
Post #Ay0F5AqOjAbNexZjhA by [email protected] | |
0 likes, 0 repeats | |
@JessTheUnstill huehuehue @mweiss @dalias @micahflee | |
Post #Ay0F8UG10Rtujm8aaO by [email protected] | |
0 likes, 0 repeats | |
@compi @micahflee bug reporting ftw! I have some sympathy for the developer - g… | |
Post #Ay0FDAOYHV2gaEMV9c by [email protected] | |
0 likes, 0 repeats | |
@micahflee or did a rogue hack into the server and update it for him??? | |
Post #Ay0M041TMSMqjcGYDI by [email protected] | |
0 likes, 0 repeats | |
@micahflee “And, as I showed you before, just one of the vulns is CVE-2024-38… | |
Post #Ay0M049yqpAnA0FLTU by [email protected] | |
0 likes, 0 repeats | |
@micahflee In what kind of universe you even seen an infrastructure that consis… | |
Post #Ay0M9a0pnGQOYUVN8C by [email protected] | |
0 likes, 0 repeats | |
@micahflee honestly nice reminder for me to check all of my installs, admittedl… | |
Post #Ay0MG6NqLqsagqNS5I by [email protected] | |
0 likes, 0 repeats | |
@micahflee One thing that is devaluing disclosures is the barrage of "I di… | |
Post #Ay0MMoYB3OKFPMPZwm by [email protected] | |
0 likes, 0 repeats | |
@micahflee Or it was easier to configure the server to lie about the version th… | |
Post #Ay0TEu1JX39RjeDMSe by [email protected] | |
0 likes, 1 repeats | |
@khm @dalias I didn't try confirming it was exploitable because his ego is … | |
Post #Ay0gkohO9QaVtzRVVg by [email protected] | |
0 likes, 1 repeats | |
@micahflee Yet another reason to avoid besides the traffic analysis. | |
Post #Ay1v7MnzcLOGZK8eeG by [email protected] | |
0 likes, 1 repeats | |
@JessTheUnstill @dalias @micahflee On a slight tangent he should probably root … | |
Post #Ay1w1fG0CXUa0q5Iq8 by [email protected] | |
0 likes, 1 repeats | |
Well, from other stuff in the thread looks like he got cyber bullied into makin… | |
Post #AyAzh930OWOCZ17Ega by [email protected] | |
0 likes, 0 repeats | |
@pndc what harassment? |