| F5 BIG-IP – Vulnerability!! CVE-2020-5902 – Remote Code Execution (RCE) |
The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. (CVE-2020-5902)
This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the Configuration utility, through the BIG-IP management port and/or self IPs, to execute arbitrary system commands… Read more
| Exchange – Update to fix escalation privilege vulnerability |
Due to the vulnerability that allows privilege escalation I wrote about in this post, Microsoft has released a cumulative update for all supported versions of Exchange Server (Exchange 2010, 2013, 2016 and 2019).
| Windows – VMware machines offline due to Microsoft patches |
Today, just when starting the working day we have realized that there were somes servers offline (still powered on but without network connection). It seemed that the network adapters were incorrectly configured without the static IPs.
After some research, a job partner discovered that some days ago (March 13th) Microsoft released some security updates that generates issues to Windows 2008 … Read more
|
| F5 BIGIP – LTM Policy GUI incorrectly shows conditions with datagroups |
The last F5 BIGIP version 13.1.0.2 (I upgraded from v13.0.0 some days ago – 2018 February) seems to generate a bug with the LTM policies.
Fortunately, the issue is only at the Presentation layer. The LTM policy show the rules conditions always with datagroups. This affects all rules and policies.
Better explained with an example:
If this is a … Read more
|
| F5 BIGIP – Bug when using datagroups in LTM policies |
Datagroups can be used in LTM policies to, for example, filter connections based on the client IP address (at least in my BIG-IP v13.0.0)
This is possible by adding a condition like this:
“TCP” – “address” – “matches” – “in datagroup” <DATAGROUP> – at “request” time
(apply traffic on “remote” side of “external” interface)
This works correctly when the … Read more
| Exchange 2013 – Solved the “Search results limited to 250” bug |
As explained in a previous post (Exchange 2013 – Search results limited to 250), there is reported bug in Exchange 2013 that limits the search results to 250.
Microsoft released CU11 (Exchange 2013 – CU 11 released) that was supposed to fix (among others) this bug. Unfortunately, after updating and testing… no success.
I opened a … Read more
|
| Exchange 2013 – Search results limited to 250 |
A few weeks ago some users reported issues with email searches as Outlook returned 250 results maximum.
I usually dont perform big searches in my mailbox so I didnt know if I also had the problem but after some tests I realized that several factors came into play:
– Outlook option to limit searches
To allow big amount of … Read more
