A cryptographic issue in Nextcloud Server 19.0.1 allowed an malicious user to downgrade the encryption scheme and break the integrity of encrypted files.
The message I received on April 17th, 2020 was as follows: "We recently
released a Win fix and Mac build from this code base should have the same
fix (Mac version 710434)"
On Sat, Dec 26, 2020 at 12:59 PM Mark E Jeftovic <markjr () easydns com>
wrote:
_______________________________________________
Sent through the Full Disclosure ma ...
Is there a transposition typo in the Mac OSX version number?
*Fixed Version:* |701433| (Windows) and |710434| (macOS)
My OSX Backblaze is reporting 702470 as most recent version
On 2020-12-24 1:27 PM, Jason Geffner wrote:
--
Mark E Jeftovic <markjr () easydns com>
Co-founder & CEO, easyDNS Technologies I ...
Thanks, Reed I've updated the GitHub repository name to reflect this
change The detailed write-up can now be found at
githubcom/geffner/CVE-2020-8289/blob/master/READMEmd
On Tue, Dec 22, 2020 at 3:56 AM Reed Loden <reed () reedloden com> wrote:
_______________________________________________
Sent through the Full Disclosure m ...
CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
------------------------------------------------------------------
Summary
=======
Name: Remote Code Execution as SYSTEM/root via Backblaze
CVE: CVE-2020-8150
Discoverer: Jason Geffner
Vendor: Backblaze
Product: Backblaze for Windows and Backblaze for macOS
Risk: Critical
Discove ...
Due to a process fail, this CVE ID was accidentally reused for another
vulnerability
The updated CVE ID for this issue is CVE-2020-8289
We apologize to Jason and others for the inconvenience caused by this error
Happy holidays,
~reed
(for HackerOne)
_______________________________________________
Sent through the Full Disclosure mailing list ...
CVE-2020-8289 – Remote Code Execution as SYSTEM/root via Backblaze
CVE-2020-8289 – Remote Code Execution as SYSTEM/root via Backblaze
Summary
Name: Remote Code Execution as SYSTEM/root via Backblaze
CVE: CVE-2020-8289
Discoverer: Jason Geffner
Vendor: Backblaze
Product: Backblaze for Windows and Backblaze for macOS
Risk: Critical
Discovery Date: 2020-03-13
Publication Data: 2020-09-09
Fixed Version: 701433 (Windows) and 710434 (mac
CVE-2020-8289 – Remote Code Execution as SYSTEM/root via Backblaze
CVE-2020-8289 – Remote Code Execution as SYSTEM/root via Backblaze
Summary
Name: Remote Code Execution as SYSTEM/root via Backblaze
CVE: CVE-2020-8289
Discoverer: Jason Geffner
Vendor: Backblaze
Product: Backblaze for Windows and Backblaze for macOS
Risk: Critical
Discovery Date: 2020-03-13
Publication Data: 2020-09-09
Fixed Version: 701433 (Windows) and 710434 (mac