Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

"Sometimes insanity is the only alternative" -- button at a Science Fiction convention.


computers / rocksolid.shared.security / Re: Do you use the Sonic firewall ?

SubjectAuthor
* Do you use the Sonic firewall ?Anonymous
+- Do you use the Sonic firewall ?AnonUser
`- Well...Anonymous

1
Do you use the Sonic firewall ?

<opsec.734.39emly@anon.com>

 copy mid

https://news.novabbs.com/computers/article-flat.php?id=160&group=rocksolid.shared.security#160

 copy link   Newsgroups: rocksolid.shared.security
Path: i2pn2.org!.POSTED!not-for-mail
From: pos...@anon.com (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: Do you use the Sonic firewall ?
Date: Fri, 16 Oct 2020 03:11:37 -0700
Organization: i2pn2 (i2pn.org)
Message-ID: <opsec.734.39emly@anon.com>
Content-Type: text/plain; charset=UTF-8
Injection-Info: i2pn2.org; posting-account="def2";
logging-data="10798"; mail-complaints-to="usenet@i2pn2.org"
 by: Anonymous - Fri, 16 Oct 2020 10:11 UTC

Time for an update, this thing is reaaally wide open:

https://de.tenable.com/blog/cve-2020-5135-critical-sonicwall-vpn-portal-stack-based-buffer-overflow-vulnerability

--
Posted on def2

Re: Do you use the Sonic firewall ?

<8a3ff00b1280ce87ce8419cc75a403fa$1@www.novabbs.com>

 copy mid

https://news.novabbs.com/computers/article-flat.php?id=161&group=rocksolid.shared.security#161

 copy link   Newsgroups: rocksolid.shared.security
Path: i2pn2.org!.POSTED!not-for-mail
From: AnonU...@rslight.i2p (AnonUser)
Newsgroups: rocksolid.shared.security
Subject: Re: Do you use the Sonic firewall ?
Date: Sat, 17 Oct 2020 01:37:24 +0000
Organization: novaBBS
Message-ID: <8a3ff00b1280ce87ce8419cc75a403fa$1@www.novabbs.com>
References: <opsec.734.39emly@anon.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="15436"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs
X-Rslight-Site: $2y$10$vE.a04R1JwbBQS2RqzrzAeo/T.yQro7xikODl/NtqETKfPF3msFZa
 by: AnonUser - Sat, 17 Oct 2020 01:37 UTC

Anonymous wrote:

> Time for an update, this thing is reaaally wide open:

> https://de.tenable.com/blog/cve-2020-5135-critical-sonicwall-vpn-portal-stack-based-buffer-overflow-vulnerability

Looks like they believe they've patched them all

"SonicWall published patches for all 11 vulnerabilities."

Affected Versions Fixed Versions
SonicOS 6.5.4.7-79n and below SonicOS 6.5.4.7-83n
SonicOS 6.5.1.11 and below SonicOS 6.5.1.12-1n
SonicOS 6.0.5.3-93o and below SonicOS 6.0.5.3-94o
SonicOSv 6.5.4.4-44v-21-794 and below SonicOS 6.5.4.v-21s-987
SonicOS 7.0.0.0-1 SonicOS 7.0.0.0-2 and above

--
Posted on: novaBBS
www.novabbs.com

Well...

<opsec.736.1thgt3@anon.com>

 copy mid

https://news.novabbs.com/computers/article-flat.php?id=162&group=rocksolid.shared.security#162

 copy link   Newsgroups: rocksolid.shared.security
Path: i2pn2.org!.POSTED!not-for-mail
From: pos...@anon.com (Anonymous)
Newsgroups: rocksolid.shared.security
Subject: Well...
Date: Sat, 17 Oct 2020 08:42:37 -0700
Organization: def2
Message-ID: <opsec.736.1thgt3@anon.com>
References: <opsec.734.39emly@anon.com>
Content-Type: text/plain; charset=UTF-8
Injection-Info: i2pn2.org; posting-account="def2";
logging-data="2810"; mail-complaints-to="usenet@i2pn2.org"
 by: Anonymous - Sat, 17 Oct 2020 15:42 UTC

>Looks like they believe they've patched them all

like the song says:
"that don't impress me much". as a firewall, you have one fucking job, which is to keep the bad guys out. if you prove you cannot do it and instead allow remote code execution, you have not only failed in the sense that you did _not_ keep the bad guys out, but in fact you invited them in and opened the door.

--
Posted on def2

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor