hamradioweb.org

 


Go Back   hamradioweb.org > Discussioni / Areas of discussion > Foreign Visitors Area

Notices

Foreign Visitors Area This area is reserved to all HamRadioWeb forum "foreign" members. All kinds of ham radio related arguments are welcome here ! Please, respect the mandatory language of this subsection: posting is allowed only in english.

Reply
 
Thread Tools Search this Thread
Old 06-05-12, 12:56   #1
IZ0IEN
Moderator
 
IZ0IEN's Avatar
 
Join Date: Nov 2008
Location: Frosinone JN61sp
Posts: 1,700
QRZ.com user administration escalation

A very weak security check on QRZ.com permit to anyone to be admin of any callsign on QRZ.com

Administrators are advised by email. At the moment, users can't do anything to mitigate or block the vulnerability.

Further details after the acknowledgement and the fix by QRZ.com administrators.

Regards,
Cris IZ0IEN

Last edited by IZ0IEN; 06-05-12 at 13:03.
IZ0IEN non   collegato   Reply With Quote
Old 06-05-12, 17:05   #2
IZ0IEN
Moderator
 
IZ0IEN's Avatar
 
Join Date: Nov 2008
Location: Frosinone JN61sp
Posts: 1,700
Re: QRZ.com user administration escalation

Quote:
Originally Posted by IZ0IEN View Post

Further details after the acknowledgement and the fix by QRZ.com administrators.

Regards,
Cris IZ0IEN
Fred Lloyd, AA7BQ, replied to my email. I agree with him that is not a real security issue: no sensitive data can be stolen. But, the issue exist.
In the meanwhile, i proposed a possible solution. Fred is the admin and founder, so is up to him to considerate or not my words.

Reading the kind and respectful email of Fred, i decide that the issue will not detailed by me to the general public.

Cristiano IZ0IEN

Last edited by IZ0IEN; 06-05-12 at 22:51.
IZ0IEN non   collegato   Reply With Quote
Reply

Bookmarks

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump


All times are GMT +1. The time now is 00:57.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.