2016-12-02 20:14 UTC

ID: 0006825
Project: CentOS-6
Category: piranha
View Status: public
Last Update: 2014-04-21 14:57
Reporter: IDMS-andreas.schiermeier
Priority: normal
Severity: minor
Reproducibility: always
Status: resolved
Resolution: fixed
Product Version: 6.4
Target Version: (not set)
Fixed in Version: 6.5
Summary: 0006825: Authentication bypass in Web interface
Description: Webserver configuration of Piranha only limits GET requests.
It's possible to bypass authentication to view and modify the configuration.

Please remove the directives <Limit …> and </Limit> in /etc/sysconfig/ha/conf/httpd.conf
Steps To Reproduce: wget -qO- --post-data='' http://pirhanahost:3636/secure/control.php
Tags: No tags attached.
Attached Files:
  • pirhana-httpdconf-limit.patch (389 bytes) 2013-12-11 12:40
    --- etc/sysconfig/ha/conf/httpd.conf.orig	2013-12-11 13:33:10.992688518 +0100
    +++ etc/sysconfig/ha/conf/httpd.conf	2013-12-11 13:33:29.836687604 +0100
    @@ -109,9 +109,7 @@
         AuthGroupFile /dev/null
         AuthName "access to the piranha web GUI"
         AuthType Basic
    -    <Limit GET>
    -        require user piranha
    -    </Limit>
    +    require user piranha
     </Directory>
     
     HostnameLookups On
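Review bot: The fix is correct for the reported bypass: a `require` placed inside `<Limit GET>` is enforced only for GET (and HEAD) requests, so any other method such as the POST in the reproduction step reached control.php with no authentication at all; moving `require user piranha` directly under the `<Directory>` block applies it to every method. One thing worth checking in the rest of the file is that no other `<Limit>` block still wraps an auth directive, since the patch touches only this one block.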
    
    patch file icon pirhana-httpdconf-limit.patch (389 bytes) 2013-12-11 12:40 +
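As an added check, not part of the report or of the piranha project, here is a small Python lint that flags any `require` directive scoped by a `<Limit>` block, the exact pattern the attached patch removes. The sample configurations are constructed from the lines visible in the hunk; the `<Directory>` path is a placeholder because the report does not show it.

```python
import re
from typing import List, Tuple

# Constructed sample reproducing the vulnerable block from the hunk.
# The Directory path is a placeholder; the real path is not in the report.
VULNERABLE_CONF = """\
<Directory /example/secure>
    AuthGroupFile /dev/null
    AuthName "access to the piranha web GUI"
    AuthType Basic
    <Limit GET>
        require user piranha
    </Limit>
</Directory>
"""

# The same block after applying the patch: require is no longer method-scoped.
FIXED_CONF = VULNERABLE_CONF.replace(
    "    <Limit GET>\n        require user piranha\n    </Limit>\n",
    "    require user piranha\n",
)

OPEN_RE = re.compile(r"^\s*<(\w+)\b([^>]*)>\s*$")   # e.g. <Limit GET>
CLOSE_RE = re.compile(r"^\s*</(\w+)>\s*$")          # e.g. </Limit>
REQUIRE_RE = re.compile(r"^\s*require\b", re.IGNORECASE)


def find_method_scoped_requires(conf: str) -> List[Tuple[int, str]]:
    """Return (line_number, limited_methods) for every `require` that sits
    inside a <Limit> block. Such a require only guards the listed methods;
    every other method (POST, PUT, ...) passes without authentication."""
    findings: List[Tuple[int, str]] = []
    stack: List[Tuple[str, str]] = []  # open sections as (name, args)
    for lineno, line in enumerate(conf.splitlines(), 1):
        m = OPEN_RE.match(line)
        if m:
            stack.append((m.group(1).lower(), m.group(2).strip()))
            continue
        m = CLOSE_RE.match(line)
        if m:
            if stack and stack[-1][0] == m.group(1).lower():
                stack.pop()
            continue
        if REQUIRE_RE.match(line):
            limits = [args for name, args in stack if name == "limit"]
            if limits:
                findings.append((lineno, limits[-1]))
    return findings
```

Running it over the vulnerable sample reports the `require` on line 6 as limited to GET, while the patched sample yields no findings.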


Notes

~0018655

athmane (developer)

I was able to reproduce this issue.

Because it's not specific to CentOS, I filed a bug in upstream bugzilla (with tracking link to this issue, see 'External Trackers' section).

https://bugzilla.redhat.com/show_bug.cgi?id=1043040

~0019651

tigalch (manager)

Fixed with errata https://rhn.redhat.com/errata/RHSA-2014-0175.html

Issue History
Date Modified Username Field Change
2013-12-11 12:40 IDMS-andreas.schiermeier New Issue
2013-12-11 12:40 IDMS-andreas.schiermeier File Added: pirhana-httpdconf-limit.patch
2013-12-13 20:03 athmane Note Added: 0018655
2013-12-13 20:03 athmane Status new => confirmed
2014-04-21 14:57 tigalch Note Added: 0019651
2014-04-21 14:57 tigalch Status confirmed => resolved
2014-04-21 14:57 tigalch Fixed in Version => 6.5
2014-04-21 14:57 tigalch Resolution open => fixed