Univention Bugzilla – Bug 51194
USS still uses md5 to hash initial password for root
Last modified: 2021-05-25 16:01:59 CEST
# grep -n md5 /usr/lib/univention-system-setup/scripts/10_basis/18root_password
65:usermod -p "$(mkpasswd -H md5 "$root_password")" root
# grep root /etc/shadow
root:$1$UA2XFeyu$1KmEIwd9u0BOFR/A8AvcY.:18018:0:99999:7:::
      ^ ^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^
      | \_salt_/ \_____encrypted______/
      +- 1=MD5 2a=Blowfish 5=SHA-256 6=SHA-512 from <man:crypt(3)>
# ls -l /etc/shadow
-rw-r----- 1 root shadow 1328 Nov 19 16:28 /etc/shadow

IFF I can get read access to that file I can get the md5 hash, crack it and would try it for uid=Administrator, which gives me full access to LDAP (and all other hosts of the domain).

NIST banned SHA-1 in 2015 and MD5 is even older.
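A check for the condition reported above, as an added example that is not part of the original bug report or of Univention's code: it reads shadow-format lines and classifies each password field by the crypt(3) scheme id listed in the report. The function names, the verdict labels and the sample lines other than the root entry are constructed for this example.

```shell
#!/bin/sh
# Added example: audit shadow-format entries by crypt(3) scheme id.
# Ids 1, 2a, 5 and 6 are the ones named in the report; treating only
# MD5 as WEAK is this example's policy assumption.

# Read shadow-format lines on stdin, print "user scheme verdict" per line.
audit_shadow() {
    awk -F: '
    {
        user = $1; hash = $2
        sub(/^!+/, "", hash)      # "!" prefix marks a locked password; audit what follows
        if (hash == "" || hash == "*") { print user, "none", "skip"; next }
        if (substr(hash, 1, 1) != "$") { print user, "unknown", "review"; next }
        rest = substr(hash, 2)    # text after the leading "$"
        i = index(rest, "$")      # literal search for the "$" that ends the id
        if (i < 2) { print user, "unknown", "review"; next }
        id = substr(rest, 1, i - 1)
        if (id == "1")       print user, "MD5", "WEAK"
        else if (id == "2a") print user, "Blowfish", "ok"
        else if (id == "5")  print user, "SHA-256", "ok"
        else if (id == "6")  print user, "SHA-512", "ok"
        else                 print user, "id=" id, "review"
    }'
}

# Sample input: the root line is the one quoted in the report,
# the other lines are constructed placeholders.
sample_shadow() {
    cat <<'EOF'
root:$1$UA2XFeyu$1KmEIwd9u0BOFR/A8AvcY.:18018:0:99999:7:::
daemon:*:18018:0:99999:7:::
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18018:0:99999:7:::
bob:!$5$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18018:0:99999:7:::
EOF
}

sample_shadow | audit_shadow
```

On a live system the same function can be fed the real file as root: audit_shadow < /etc/shadow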
fixed in 4.4-4, is there already a 5.0 fork? Otherwise the 4.4 fix should be enough.

*** This bug has been marked as a duplicate of bug 51195 ***
(In reply to Felix Botner from comment #2)
> fixed in 4.4-4, is there already a 5.0 fork?

We do not need to port changes to future releases at the moment, yet.
UCS 5.0 has been released:
https://docs.software-univention.de/release-notes-5.0-0-en.html
https://docs.software-univention.de/release-notes-5.0-0-de.html

If this error occurs again, please use "Clone This Bug".