[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze

To: Reed Loden <reed@xxxxxxxxxxxxx>
Subject: Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
From: Jason Geffner <geffner@xxxxxxxxx>
Date: Thu, 24 Dec 2020 12:27:48 -0600

Thanks, Reed. I've updated the GitHub repository name to reflect this
change. The detailed write-up can now be found at
https://github.com/geffner/CVE-2020-8289/blob/master/README.md.

On Tue, Dec 22, 2020 at 3:56 AM Reed Loden <reed@xxxxxxxxxxxxx> wrote:

> Due to a process fail, this CVE ID was accidentally reused for another
> vulnerability.
>
> The updated CVE ID for this issue is CVE-2020-8289.
>
> We apologize to Jason and others for the inconvenience caused by this
> error.
>
> Happy holidays,
> ~reed
> (for HackerOne)
>

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Follow-Ups:
- Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
  - From: Mark E. Jeftovic

References:
- Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
  - From: Reed Loden

Prev by Date: [FD] SYSS-2020-042 Urve - Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
Next by Date: Re: [FD] CVE-2020-8152 – Elevation of Privilege in Backblaze
Previous by thread: Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
Next by thread: Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
Index(es):
- Date
- Thread