annuncio

Comprimi
Ancora nessun annuncio.

QRZ.com user administration escalation

Comprimi
X
 
  • Filtro
  • Ora
  • Visualizza
Elimina tutto
nuovi messaggi

  • QRZ.com user administration escalation

    A very weak security check on QRZ.com permit to anyone to be admin of any callsign on QRZ.com

    Administrators are advised by email. At the moment, users can't do anything to mitigate or block the vulnerability.

    Further details after the acknowledgement and the fix by QRZ.com administrators.

    Regards,
    Cris IZ0IEN
    Ultima modifica di IZ0IEN; 06-05-12, 14:03.
    Cris IZ0IEN
    http://www.technecom.it
    Founder of FOC - Frigo Operators Club
    Member of SOC #990 - Second Operator Class
    Orgoglioso cultore del CW a correzione d'errore.

  • #2
    Re: QRZ.com user administration escalation

    Originariamente inviato da IZ0IEN Visualizza il messaggio

    Further details after the acknowledgement and the fix by QRZ.com administrators.

    Regards,
    Cris IZ0IEN
    Fred Lloyd, AA7BQ, replied to my email. I agree with him that is not a real security issue: no sensitive data can be stolen. But, the issue exist.
    In the meanwhile, i proposed a possible solution. Fred is the admin and founder, so is up to him to considerate or not my words.

    Reading the kind and respectful email of Fred, i decide that the issue will not detailed by me to the general public.

    Cristiano IZ0IEN
    Ultima modifica di IZ0IEN; 06-05-12, 23:51.
    Cris IZ0IEN
    http://www.technecom.it
    Founder of FOC - Frigo Operators Club
    Member of SOC #990 - Second Operator Class
    Orgoglioso cultore del CW a correzione d'errore.

    Commenta

    Sto operando...
    X