https://f0o.dev/research/ Recent content in Research on Daniel 'f0o' Preussker Hugo en-us Sat, 10 Apr 2021 00:00:00 +0000 https://f0o.dev/research/2021/04/kry-pcr-travel-certificate/ Sat, 10 Apr 2021 00:00:00 +0000 https://f0o.dev/research/2021/04/kry-pcr-travel-certificate/ September Update This is no longer valid as Kry started to comply with EU laws to provide a validation QR code. However I have not been given any oportunity to test their new procedures. It is therefore unknown whether any internal procedures have changed regarding the issuance of those certificates. – Original Covid PCR Travel Certificates have become a necessity for travel. The market is full with private labs, pop-up pharmacies and anything in between to provide PCR Travel tests and their certificates. https://f0o.dev/research/2019/12/cve-2019-19687/ Mon, 09 Dec 2019 00:00:00 +0000 https://f0o.dev/research/2019/12/cve-2019-19687/ Another month passes and again I’ve been struck by boredom - that’s never a good thing! ;) This time I had a small adventure with OpenStack Keystone which lead me to the discovery of CVE-2019-19687 / OSSA-2019-006. While the previous CVE that I posted here implied certain preconditions to apply to elevate or disclose information, this one does not. This issue affects any OpenStack installation running Ussuri, Train or Stein. https://f0o.dev/research/2019/10/cve-2019-17134/ Fri, 04 Oct 2019 00:00:00 +0000 https://f0o.dev/research/2019/10/cve-2019-17134/ When you’re on vacation and just can’t stay still so you start poking around new things… This time it lead me to discover a severe authentication bypass in OpenStack Octavia LBaaS or better known as CVE-2019-17134 or OSSA-2019-005. Patches are available now through pip and RDO. Ubuntu is currently polishing up the packages and will follow soon. The attack vector requires the adversary to be on the management network of the LBaaS component, sadly this is often the case to eliminate network complexity.