Gentoo's Bugzilla – Attachment 130644 Details for
Bug 192240
net-analyzer/jffnms < 0.8.4-pre3 Multiple vulnerabilities (CVE-2007-31{89,90,91,92})
[patch]
20_security.dpatch
20_security.dpatch (text/plain), 2.67 KB, created by
Robert Buchholz (RETIRED)
on 2007-09-11 21:46:14 UTC
Description:
20_security.dpatch
Filename:
MIME Type:
Creator:
Robert Buchholz (RETIRED)
Created:
2007-09-11 21:46:14 UTC
Size:
2.67 KB
patch
obsolete
>#! /bin/sh /usr/share/dpatch/dpatch-run
>## 20_security.dpatch by <csmall@debian.org>
>##
>## All lines beginning with `## DP:' are a description of the patch.
>## DP: No description.
>
>@DPATCH@
>diff -urNad jffnms-0.8.3dfsg.1~/htdocs/admin/adm/test.php jffnms-0.8.3dfsg.1/htdocs/admin/adm/test.php
>--- jffnms-0.8.3dfsg.1~/htdocs/admin/adm/test.php 2006-09-17 09:31:13.000000000 +1000
>+++ jffnms-0.8.3dfsg.1/htdocs/admin/adm/test.php 1970-01-01 10:00:00.000000000 +1000
>@@ -1 +0,0 @@
>-<? phpinfo(); ?>
>\ No newline at end of file
>diff -urNad jffnms-0.8.3dfsg.1~/htdocs/auth.php jffnms-0.8.3dfsg.1/htdocs/auth.php
>--- jffnms-0.8.3dfsg.1~/htdocs/auth.php 2006-09-17 09:31:13.000000000 +1000
>+++ jffnms-0.8.3dfsg.1/htdocs/auth.php 2007-06-11 09:19:46.000000000 +1000
>@@ -46,11 +46,6 @@
> session_start();
> }
>
>- if (($jffnms_version=="0.0.0") && ($_SERVER["REMOTE_ADDR"]=="128.30.52.13")) { //W3C Validator
>- $_REQUEST["user"]="admin";
>- $_REQUEST["pass"]="admin";
>- }
>-
> if (!isset($_SESSION["authentification"]))
> $authentification = $jffnms->authenticate ($_REQUEST["user"],$_REQUEST["pass"],true,"from ".$_SERVER["REMOTE_ADDR"]);
>
>diff -urNad jffnms-0.8.3dfsg.1~/lib/api.classes.inc.php jffnms-0.8.3dfsg.1/lib/api.classes.inc.php
>--- jffnms-0.8.3dfsg.1~/lib/api.classes.inc.php 2006-09-17 09:31:14.000000000 +1000
>+++ jffnms-0.8.3dfsg.1/lib/api.classes.inc.php 2007-06-11 09:19:46.000000000 +1000
>@@ -677,7 +677,7 @@
> $auth_type = 1;
> $cant_auth = 0;
>
>- if (isset($user) && isset($pass)) {
>+ if (preg_match("/^[\w\@\.]{0,20}$/", $user) && isset($pass)) {
> $query_auth = "select id as auth_user_id, usern as auth_user_name, passwd, fullname as auth_user_fullname from auth where usern = '$user'";
> $result_auth = db_query ($query_auth);
> $cant_auth = db_num_rows($result_auth);
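Review bot: The allowlist in the new `if` of the @@ -677,7 hunk is looser than it reads: `$` without the `D` modifier also matches just before a trailing newline, and `{0,20}` accepts an empty (or null, coerced to empty) `$user` that the replaced `isset($user)` would have skipped. Anchoring on the absolute end and requiring at least one character, `preg_match('/^[\w@.]{1,20}\z/', $user)`, closes both. The same pattern literal is repeated twice more in the @@ -693,18 hunk, so evaluating it once into a flag near the top of the function would keep the three checks from drifting apart. The `auth` query is still built by interpolation, so this regex is the only barrier between `$user` and the SQL text; the enclosing function starts and ends outside the hunk.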
>@@ -693,18 +693,20 @@
> }
>
> if (($auth==0) && ($cant_auth == 0)){ //not found in DB
>- if (isset($user) && isset($pass)) {
>+
>+ if (preg_match("/^[\w\@\.]{0,20}$/", $user) && isset($pass)) {
> $query_auth = "select id as auth_user_id, username as auth_user_name, name as auth_user_fullname from clients where username= '$user' and password = '$pass'";
> $result_auth = db_query ($query_auth);
> $auth = db_num_rows( $result_auth);
> }
>+
> if ($auth==1) {
> $reg = db_fetch_array($result_auth);
> $auth_type = 2;
> }
> }
>
>- if (($log_event==true) && (!empty($user)))
>+ if (($log_event==true) && preg_match("/^[\w\@\.]{0,20}$/", $user))
> insert_event(date("Y-m-d H:i:s",time()),get_config_option("jffnms_internal_type"),1,"Login",(($auth==1)?"successful":"failed"),$user,$log_event_info,"",0);
>
> unset ($reg["passwd"]);
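Review bot: `$pass` still reaches the `clients` query as `password = '$pass'` guarded only by `isset($pass)`, so this hunk validates one of the two interpolated values and leaves the other as it was. Unless `$pass` is escaped before this function is called (not visible here), a password containing a quote character alters the SQL statement. Selecting the row by `username` alone and comparing the stored password in PHP, as the `auth`-table branch appears to do with its `passwd` column, would remove the second interpolation; failing that, `$pass` should go through the database layer's escaping routine before it is placed in the string. Separately, the new logging condition drops the old `!empty($user)` test, and because the pattern allows zero characters a login event can now be written with an empty user name; the function body starts and ends outside the hunk.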