Univention Bugzilla – Full Text Bug Listing |
Summary: | sql injection in remove_s4_rejected.py | ||
---|---|---|---|
Product: | UCS | Reporter: | Florian Best <best> |
Component: | S4 Connector | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Felix Botner <botner> |
Severity: | normal | ||
Priority: | P5 | Flags: | best: Patch_Available+ |
Version: | UCS 4.4 | ||
Target Milestone: | UCS 4.4-0-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | Development Internal | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 26501, 49640, 49865 | ||
Attachments: | patch |
univention-s4-connector.yaml ce2aeeadeb46 | Bug #49445: fix sql evaluation in remove_{ucs,s4}_rejected.py univention-s4-connector (13.0.2-16) ce2aeeadeb46 | Bug #49445: fix sql evaluation in remove_{ucs,s4}_rejected.py OK |
Created attachment 10020 [details] patch

```
root@master100:/usr/share/univention-s4-connector# ./remove_s4_rejected.py 'OU=ôscŵ\?ê\3Dô\<4,OU=öGF!*'"'"')%%ẑ,DC=school,DC=dev'
Traceback (most recent call last):
  File "./remove_s4_rejected.py", line 66, in <module>
    remove_s4_rejected(s4_dn)
  File "./remove_s4_rejected.py", line 46, in remove_s4_rejected
    c.execute("SELECT key FROM 'S4 rejected' WHERE value='%s'" % s4_dn)
sqlite3.OperationalError: near ")": syntax error
```
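The following is an added example, not part of the bug report and not the project's patch. It runs the statement from the traceback next to the same lookup with a bound parameter, using the DN from the report. The in-memory database, its schema, the sample rows and all function names are assumptions made for illustration.

```python
import sqlite3

# DN from the report, as the script receives it after shell unquoting.
S4_DN = r"OU=ôscŵ\?ê\3Dô\<4,OU=öGF!*')%%ẑ,DC=school,DC=dev"
PLAIN_DN = "CN=user1,DC=school,DC=dev"  # constructed sample value


def make_db():
    """In-memory stand-in for the connector's internal database (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute('CREATE TABLE "S4 rejected" (key TEXT PRIMARY KEY, value TEXT)')
    conn.executemany(
        'INSERT INTO "S4 rejected" (key, value) VALUES (?, ?)',
        [("1001", PLAIN_DN), ("1002", S4_DN)],  # constructed rows
    )
    return conn


def find_keys_formatted(conn, s4_dn):
    """The statement from the traceback: the DN is pasted into the SQL text."""
    cur = conn.execute("SELECT key FROM 'S4 rejected' WHERE value='%s'" % s4_dn)
    return [row[0] for row in cur.fetchall()]


def find_keys_bound(conn, s4_dn):
    """Same lookup with the DN passed as a bound parameter, never parsed as SQL."""
    cur = conn.execute('SELECT key FROM "S4 rejected" WHERE value=?', (s4_dn,))
    return [row[0] for row in cur.fetchall()]


def compare(conn, s4_dn):
    """Return (formatted_result_or_error, bound_result) for one DN."""
    try:
        formatted = find_keys_formatted(conn, s4_dn)
    except sqlite3.OperationalError as exc:
        # The quote inside the DN ended the string literal early.
        formatted = "OperationalError: %s" % exc
    return formatted, find_keys_bound(conn, s4_dn)


if __name__ == "__main__":
    db = make_db()
    for dn in (PLAIN_DN, S4_DN):
        print(dn, "->", compare(db, dn))
```

With the bound parameter, the rejected entry whose DN contains a quote is found like any other, so it can be removed instead of aborting the script.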