Univention Bugzilla – Full Text Bug Listing

Field | Value | Field | Value
---|---|---|---
Summary: | unprotected univention-directory-reports | |
Product: | UCS | Reporter: | Jannik Ahlers <ahlers>
Component: | LDAP | Assignee: | Florian Best <best>
Status: | CLOSED FIXED | QA Contact: | Felix Botner <botner>
Severity: | normal | |
Priority: | P5 | CC: | birkefeld, botner, grandjean
Version: | UCS 4.2 | |
Target Milestone: | UCS 4.2-2-errata | |
Hardware: | Other | |
OS: | Linux | |
What kind of report is it?: | Security Issue | What type of bug is this?: | ---
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | ---
User Pain: | | Enterprise Customer affected?: |
School Customer affected?: | Yes | ISV affected?: |
Waiting Support: | | Flags outvoted (downgraded) after PO Review: |
Ticket number: | | Bug group (optional): | Security
Max CVSS v3 score: | | |
Bug Depends on: | | |
Bug Blocks: | 45680 | |
Comment 1
Florian Best
2017-11-07 16:31:42 CET

The directory /var/www/univention-directory-reports has been removed. Instead, the new directory /usr/share/univention-management-console-module-udm is used. Apache doesn't serve the files anymore. Instead they are served by the UMC module, so that authentication is required. A brute force attack on the file name now only works with permissions for the UDM module and isn't worth it for 58 ** 6 requests. Old files are moved into the new directory. The cleanup cronjob uses the new directory now. The report file is now downloaded automatically instead of requiring another click.

univention-management-console-module-udm.yaml
cc71a8621887 | Bug #45644: Merge branch 'fbest/45644-protect-univention-directory-reports' into 4.2-2
9ff92006d113 | YAML Bug #45644

univention-management-console-module-udm (7.0.10-22)
ab49e39d5fdd | Bug #45644: disable also apache config if it was enabled (systems prior to UCS 3.x)
cc71a8621887 | Bug #45644: Merge branch 'fbest/45644-protect-univention-directory-reports' into 4.2-2
523a58eaa7e3 | Bug #45644: move the report directory for security reasons from /var/www/univention-directory-reports to /usr/share/univention-management-console-module-udm

The old reports are not removed/moved during the update: postinst is always called with "configure", not "upgrade".

univention-management-console-module-udm (7.0.10-23)
1fd0040a5ef7 | Bug #45644: fix typo in postinst

FAIL - please update version in yaml
OK - update moves old reports
OK - /univention-directory-reports/ no longer accessible
OK - report permissions
OK - report download

univention-management-console-module-udm.yaml
60080fd487fe | YAML Bug #45644
OK
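The pattern behind this fix (report files leave the web server's document root and are returned only by a handler that checks the caller's session first, as a forced download) is shown below as an added example. It is not Univention's UMC module code; `REPORT_DIR`, `has_udm_permission`, `serve_report`, `write_report` and `is_denied` are names assumed for the illustration, and the temporary directory stands in for the real /usr/share path.

```python
"""Serving generated report files only through an authenticated handler.

Added example (not Univention's UMC code): models the change described in
the comment. Report files live outside any web-served directory and are
handed out by a function that verifies the session before it even checks
whether the requested file exists.
"""
import os
import re
import tempfile

# Assumed location outside the web root (the real fix used
# /usr/share/univention-management-console-module-udm).
REPORT_DIR = tempfile.mkdtemp(prefix="reports-")

# Only plain file names: no path separators, no parent references.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9_.-]+$")


class Forbidden(Exception):
    """Raised for any request the handler refuses."""


def has_udm_permission(session):
    """Stand-in for the UMC authorisation check (assumed shape of `session`):
    the caller must be authenticated and hold the UDM module permission."""
    return bool(session.get("authenticated")) and "udm" in session.get("modules", ())


def write_report(name, data):
    """Demo helper standing in for the report generator dropping a file into REPORT_DIR."""
    if not _SAFE_NAME.match(name):
        raise ValueError("unsafe report name")
    path = os.path.join(REPORT_DIR, name)
    with open(path, "wb") as fh:
        fh.write(data)
    return path


def serve_report(session, name):
    """Return (headers, body) for a report, or raise Forbidden.

    The permission check comes first, so an unauthenticated caller gets the
    same answer for existing and non-existing names and cannot use the
    handler to enumerate report file names.
    """
    if not has_udm_permission(session):
        raise Forbidden("UDM module permission required")
    if not _SAFE_NAME.match(name) or name.startswith("."):
        raise Forbidden("invalid report name")
    path = os.path.realpath(os.path.join(REPORT_DIR, name))
    # Defence in depth: the resolved path must still sit directly in REPORT_DIR.
    if os.path.dirname(path) != os.path.realpath(REPORT_DIR) or not os.path.isfile(path):
        raise Forbidden("no such report")
    with open(path, "rb") as fh:
        body = fh.read()
    headers = {
        # Force a download instead of rendering in the browser
        # (the "automatically downloaded" change in the comment).
        "Content-Disposition": 'attachment; filename="%s"' % name,
        "Content-Type": "application/octet-stream",
    }
    return headers, body


def is_denied(session, name):
    """True when serve_report refuses the request; convenient for checks."""
    try:
        serve_report(session, name)
    except Forbidden:
        return True
    return False


if __name__ == "__main__":
    write_report("users.csv", b"uid,cn\nalice,Alice\n")  # constructed sample report
    ok = {"authenticated": True, "modules": ["udm"]}
    print(serve_report(ok, "users.csv")[0])
    print("anonymous denied:", is_denied({}, "users.csv"))
```

The ordering of the checks is the point: with the old layout Apache answered every request, so guessing names was a matter of request volume; here a missing permission ends the request before the file system is consulted, and even a permitted caller is confined to plain names inside the report directory.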