Before the site went down someone found a commend injection issue, allowing command execution as root.
For those who didn’t see it. It was a textbox on a web page passing unfiltered input to a root shell!
https://twitter.com/svblxyz/status/969220402768736258
https://twitter.com/Manawyrm/status/969230542578348033
previous discussion: https://lobste.rs/s/sz6ylh/digicert_statement_on_trustico
Before the site went down someone found a commend injection issue, allowing command execution as root.
For those who didn’t see it. It was a textbox on a web page passing unfiltered input to a root shell!
https://twitter.com/svblxyz/status/969220402768736258
https://twitter.com/Manawyrm/status/969230542578348033
previous discussion: https://lobste.rs/s/sz6ylh/digicert_statement_on_trustico