Univention Bugzilla – Bug 51195
[UCS 4.4] UCS still uses md5 to hash initial password for root
Last modified: 2020-06-10 14:43:01 CEST
clone to fix in next UCS 4.4 installation DVD

+++ This bug was initially created as a clone of Bug #51194 +++

# grep -n md5 /usr/lib/univention-system-setup/scripts/10_basis/18root_password
65:usermod -p "$(mkpasswd -H md5 "$root_password")" root

# grep root /etc/shadow
root:$1$UA2XFeyu$1KmEIwd9u0BOFR/A8AvcY.:18018:0:99999:7:::
      ^ ^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^
      | \_salt_/ \_____encrypted______/
      +- 1=MD5 2a=Blowfish 5=SHA-256 6=SHA-512 from <man:crypt(3)>

# ls -l /etc/shadow
-rw-r----- 1 root shadow 1328 Nov 19 16:28 /etc/shadow

IFF I can get read access to that file I can get the md5 hash, crack it and would try it for uid=Administrator, which gives me full access to LDAP (and all other hosts of the domain).

NIST banned SHA-1 in 2015 and MD5 is even older.
0274712f662e1fe4687d451a0b9980aa68a2b06d - yaml
c569e7a974eda6ba2fa3e2e9dad6a8f80c23187a - univention-system-setup
6e76f5e86da57ebe84cc27a64ac366918a450f24
*** Bug 51194 has been marked as a duplicate of this bug. ***
OK: univention-system-setup 12.0.2-24A~4.4.0.202005281715
OK: password hashed with SHA-512 after system setup
OK: Test DVD + Appliance
OK: yaml
Verified
<http://errata.software-univention.de/ucs/4.4/622.html>
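
Added example, not part of the bug report or of Univention's code: a shell function that reads shadow(5)-format lines and classifies each account by the crypt(3) prefix listed in the description, which is the check behind "password hashed with SHA-512 after system setup". The names classify_shadow and sample_shadow are hypothetical, the 13-character DES rule goes beyond the prefixes named in the report, and every sample line except the root entry quoted above is constructed.

```shell
#!/bin/sh
# classify_shadow [FILE]: read shadow(5) lines from FILE or stdin and print
# "user<TAB>scheme<TAB>verdict". Returns 1 if any entry is WEAK, else 0.
# On a live system this would be run as root: classify_shadow /etc/shadow
classify_shadow() {
    awk -F: '
    {
        raw = $2; field = raw
        sub(/^!+/, "", field)   # "!" marks a locked password; the hash may still follow
        if (raw == "")                     { scheme = "empty";    verdict = "REVIEW" }
        else if (field == "" || field == "*") { scheme = "none";  verdict = "SKIP" }
        else if (field ~ /^\$1\$/)         { scheme = "MD5";      verdict = "WEAK" }
        else if (field ~ /^\$2[abxy]?\$/)  { scheme = "Blowfish"; verdict = "OK" }
        else if (field ~ /^\$5\$/)         { scheme = "SHA-256";  verdict = "OK" }
        else if (field ~ /^\$6\$/)         { scheme = "SHA-512";  verdict = "OK" }
        else if (field !~ /^\$/ && length(field) == 13) {
            scheme = "DES"; verdict = "WEAK"   # traditional crypt, no prefix
        }
        else                               { scheme = "unknown";  verdict = "REVIEW" }
        printf "%s\t%s\t%s\n", $1, scheme, verdict
        if (verdict == "WEAK") weak = 1
    }
    END { exit (weak ? 1 : 0) }
    ' "$@"
}

# Sample input. The root line is the one quoted in the report; the other
# three lines are constructed placeholders, not real hashes.
sample_shadow() {
    cat <<'EOF'
root:$1$UA2XFeyu$1KmEIwd9u0BOFR/A8AvcY.:18018:0:99999:7:::
fixed:$6$ConstructedSalt$ConstructedHashPlaceholder:18400:0:99999:7:::
locked:!$1$ConstructedSalt$ConstructedHashPlaceholder:18018:0:99999:7:::
daemon:*:18018:0:99999:7:::
EOF
}

# Demo run over the sample; a non-zero status means at least one weak hash.
sample_shadow | classify_shadow || echo "weak password hashes present"
```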