webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-24 01:42:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,864 Commits 2 Branches 1 Tag
a9a91e5fa713c14f59d20228c228f0e67c4365a8
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Michael Tremer a9a91e5fa7 ids.cgi: Fix remote command execution vulnerability 
The OINKCODE variable was only validated for proper input
when the Save button was clicked.

Did the user demand to download new rules instead, the
content of that variable was not being validated (again)
and was passed to wget on the shell.

This was done with privileges of the "nobody" user.

Fixes #11401

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2017-06-14 12:58:12 +01:00
config
BUG11278: It is not possible to create subnets of internal networks in firewallgroups
2017-06-07 17:19:30 +01:00
doc
index.cgi: Show WiFi properties on front page
2017-05-16 16:02:25 +02:00
html
ids.cgi: Fix remote command execution vulnerability
2017-06-14 12:58:12 +01:00
langs
Merge remote-tracking branch 'ms/wlanclient' into next
2017-05-18 11:22:20 +01:00
lfs
Merge branch 'master' into next
2017-06-10 22:38:32 +02:00
src
stripper: Fix for newer versions of file
2017-06-07 10:34:58 +01:00
tools
Cosmetic fix for 'make-functions'-output
2017-06-07 09:53:50 +01:00
.gitignore
Buildsystem: generate image md5sums.
2011-01-01 11:40:19 +01:00
.mailmap
Add .mailmap.
2010-01-22 11:37:55 +01:00
make.sh
Run strip with tools from the host system
2017-06-07 10:58:02 +01:00
Description
No description provided
101 MiB
Languages
Perl 70.4%
Shell 23%
C 4%
Python 0.6%
Makefile 0.5%
Other 1.4%