Oops, Xorux Did It Again: Sensitive Info Slip-Up in LPAR2RRD Logs!

Xorux LPAR2RRD users were left scratching their heads when read-only user logs revealed sensitive data, including password hashes. Who knew a simple log download could turn into a security breach? Xorux swiftly released version 8.05 to patch this leak, proving once again that even in tech, it’s good to log out.

1P
Published: July 28, 2025 11:45 pmAdded: July 28, 2025 at 5:16 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew read-only could be so revealing? In a plot twist that rivals a spy thriller, Xorux’s LPAR2RRD allows even the most harmless ‘read-only’ users to take a peek behind the curtain, grabbing sensitive information faster than you can say ‘password hash’. Maybe it’s time to redefine ‘read-only’ to ‘read-and-reveal’!

Key Points:

  • Xorux LPAR2RRD has a vulnerability allowing read-only users to access sensitive logs.
  • The flaw affects versions 8.04 and prior on Rocky Linux 8.10.
  • This issue can lead to exposure of password hashes for all users, including admin.
  • Xorux has released version 8.05 to patch this vulnerability.
  • The security hole was discovered by Jim Becher of KoreLogic, Inc.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?