SensePost blog on arbitrary file downloads in a Juniper AX

Fascinating blog over @ SensePost about a Juniper AX control that allowed arbitrary file downloads to a predictable location à la Apple/Safari:

https://www.sensepost.com/blog/2237.html

Haroon makes some excellent points about the inability of standard fuzzers to find design flaws such as the one they identified in the AX and how good ole human intuition is still a very necessary part of any audit. :)

thx for the link Haroon!