DNS rebinding and CSRF on Samsung TV DIAL implementation

computer security vulnerability dial dns-rebinding csrf

A DNS rebinding vulnerability as well as a Cross Site Request Forgery (CSRF) vulnerability on the DIAL (Discovery And Launch) implementation of the Samsung TV UE40F6320 (v1.0), from 2011. This can be used to open any installed application (eg. Netflix and Youtube) and force the vizualisation of a given video in the applications.

Read more…

DNS rebinding vulnerability in Samsung SmartTV UPnP

computer security vulnerability dns-rebinding upnp

A DNS rebinding vulnerability on the Universal Plug-anbd Play (UPnP) interface of the Samsung TV UE40F6320 (v1.0), from 2011. This could be used, for example, to change the channel, to know which channel is currently used or open the builtin browser to any URI.

Read more…

GNU/Linux host name resolution

computer network dns system

This post describes different software components involved in host name resolutions and DNS configuration on GNU/Linux systems. It consists of a diagram and some accompanying explanations. The goal is to give some pointers and references to understand how to troubleshoot host name/DNS resolution problems and configuration problems on GNU/Linux systems.

Read more…

Systemd-resolved DNS configuration for VPN

computer vpn dns systemd covid-19

Some guidance about configuring/fixing domain name resolution with a corporate Virtual Private Network (VPN), especially OpenVPN, with systemd-based Linux systems. This configuration uses the internal/private corporate resolvers for resolving internal/private domain names while using the ISP resolver for general domain names. This might help if your VPN is struggling these days because of the COVID-19 threat 😷.

Read more…

Page 1 of 6 | | Next page | JSON Feed | Atom Feed