[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
- To: Jason Geffner <geffner@xxxxxxxxx>, Reed Loden <reed@xxxxxxxxxxxxx>
- Subject: Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
- From: "Mark E. Jeftovic" <markjr@xxxxxxxxxxx>
- Date: Sat, 26 Dec 2020 13:59:08 -0500
Is there a transposition typo in the Mac OSX version number?
*Fixed Version:* |7.0.1.433| (Windows) and |7.1.0.434| (macOS)
My OSX Backblaze is reporting 7.0.2.470 as most recent version
On 2020-12-24 1:27 PM, Jason Geffner wrote:
> Thanks, Reed. I've updated the GitHub repository name to reflect this
> change. The detailed write-up can now be found at
> https://github.com/geffner/CVE-2020-8289/blob/master/README.md.
>
> On Tue, Dec 22, 2020 at 3:56 AM Reed Loden <reed@xxxxxxxxxxxxx> wrote:
>
>> Due to a process fail, this CVE ID was accidentally reused for another
>> vulnerability.
>>
>> The updated CVE ID for this issue is CVE-2020-8289.
>>
>> We apologize to Jason and others for the inconvenience caused by this
>> error.
>>
>> Happy holidays,
>> ~reed
>> (for HackerOne)
>>
> _______________________________________________
> Sent through the Full Disclosure mailing list
> https://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/
--
Mark E. Jeftovic <markjr@xxxxxxxxxxx>
Co-founder & CEO, easyDNS Technologies Inc.
AxisOfEasy.com <https://AxisOfEasy.com> - /For full coverage of a world
gone full cyberpunk.../
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/