http://seclists.org/fulldisclosure/2014/Jan/187
I'm not connected with the author, or share any opinions.I simply monitor the Full Disclosure list, as well as pfsense and thought it appropriate to make the pfsense list aware.
I imagine a lot of what is disclosed in the post represents problems with third party packages, and would mostly be mitigated by not allowing the web interface to be accessible from non-trusted networks / IPs.
-- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 8444 780677 +44 (0) 7983 877438 http://www.coochey.net http://www.netsecspec.co.uk gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list