General

Profile

Ian Gallagher

  • Login: cdine
  • Email: crash@neg9.org
  • Registered on: 01/22/2014
  • Last connection: 01/19/2017

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 0 2 2

Activity

01/19/2017

09:20 PM pfSense Feature #4606: PKI : CA signing external CSR
+1 - I would very much like the ability to use the pfSense managed CA for signing my other internal CSRs within my ne... Ian Gallagher

12/23/2015

03:45 PM pfSense Packages Bug #5560: AutoConfigBackup curl session does not verify SSL/TLS certificate of portal.pfsense.org, allowing for possible MiTM attacks
Did this make it in to 2.2.6? I don't see the 2.2.6 release tag on Github. Ian Gallagher

12/01/2015

07:53 PM pfSense Packages Bug #5560: AutoConfigBackup curl session does not verify SSL/TLS certificate of portal.pfsense.org, allowing for possible MiTM attacks
Great, glad to help and get it fixed. Ian Gallagher
01:46 PM pfSense Packages Bug #5560 (Resolved): AutoConfigBackup curl session does not verify SSL/TLS certificate of portal.pfsense.org, allowing for possible MiTM attacks
The configuration of the curl session used for submitting AutoConfigBackup blobs to the pfSense portal is explicitly ... Ian Gallagher

02/14/2014

12:40 PM pfSense Bug #2952: Unvalidated input during system_firmware_check.php
I'd advocate a more appropriate fix than addslashes() for this - slash-escaping is not sufficient to protect against ... Ian Gallagher

01/22/2014

06:31 PM pfSense Bug #2952: Unvalidated input during system_firmware_check.php
While I'm a big fan of the updates going over HTTPS for transport security, I would say that this is a different issu... Ian Gallagher
02:06 PM pfSense Bug #2952: Unvalidated input during system_firmware_check.php
Verified to still be present and exploitable in 2.1p1-RELEASE/nanobsd 4g (Netgate image), by replacing the reported ... Ian Gallagher
01:26 PM pfSense Bug #2952: Unvalidated input during system_firmware_check.php
Hi,
I'd like to bring this issue up again, and increase it's priority to critical or high, as I have verified the ... Ian Gallagher
02:22 PM pfSense Bug #3405 (Rejected): Cross-Site Scripting Vulnerability in system_firmware_check.php
Filing this as a new bug so it doesn't fall under the cracks - the unvalidated input bug in #2952 has been verified t... Ian Gallagher

Also available in: Atom