Is pfSense affected from CVE-2019-19521: Authentication bypass?
-
The bug affects OpenBSD, but since the error is in BSD authentication, I'm wondering if this is from a shared codebase.
Thanks
Tobias -
Just crosslinking the other thread, basically asking the same question.
https://forum.netgate.com/topic/148666/cve-2019-19521-and-pfsenseTo date: no "official" statement there either, but same assumptions about FreeBSD != OpenBSD, plus pfSense not using anything of the mentioned auth mechanisms exept for SSH, which would fail anyways.