The project can be used as both router and firewall. PfSense® is a freely distributed and open source BSD operating system derived from the well known m0n0wall project, but with radically different goals like using Packet Filter and the latest FreeBSD technologies.
Existing users who are not administrators, but only have access to the stated pages, can no longer edit advanced option fields until the new privileges have been granted. A new set of privileges has been created to delegate access to edit the advanced options fields on these pages.A privilege escalation issue where an authenticated user granted access to edit OpenVPN servers, clients, or client-specific overrides could have executed shell scripts via OpenVPN advanced options to gain higher privileges.A privilege escalation issue where an authenticated user granted access to the Dashboard or widgets could have gained access to pages for which they otherwise would not have privileges.A privilege escalation issue where an authenticated user could have used a technique similar to directory traversal to gain access to pages for which they otherwise would not have privileges.
0 kommentar(er)
