2017-06-27 05:22 UTC
  

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0006825CentOS-6piranhapublic2013-12-11 12:402014-04-21 14:57
ReporterIDMS-andreas.schiermeier 
PrioritynormalSeverityminorReproducibilityalways
StatusresolvedResolutionfixed 
Product Version6.4 
Target VersionFixed in Version6.5 
Summary0006825: Authentication bypass in Webinterface
DescriptionWebserver configuration of Pirhana only limits GET-Requests.
It's possible to bypass authentication to view and modify the configuration.

Please remove the directives <Limit …> and </Limit> in /etc/sysconfig/ha/conf/httpd.conf
Steps To Reproducewget -qO- --post-data='' http://pirhanahost:3636/secure/control.php
TagsNo tags attached.
Attached Files
  • patch file icon pirhana-httpdconf-limit.patch (389 bytes) 2013-12-11 12:40 - 
    --- etc/sysconfig/ha/conf/httpd.conf.orig	2013-12-11 13:33:10.992688518 +0100
+++ etc/sysconfig/ha/conf/httpd.conf	2013-12-11 13:33:29.836687604 +0100
@@ -109,9 +109,7 @@
     AuthGroupFile /dev/null
     AuthName "access to the piranha web GUI"
     AuthType Basic
-    <Limit GET>
-        require user piranha
-    </Limit>
+    require user piranha
 </Directory>
 
 HostnameLookups On
    patch file icon pirhana-httpdconf-limit.patch (389 bytes) 2013-12-11 12:40 +

-Relationships
+Relationships

-Notes

~0018655

athmane (developer)

2013-12-13 20:03

 I was able to reproduce this issue.

Because it's not specific to CentOS, I filed a bug in upstream bugzilla (with tracking link to this issue, see 'External Trackers' section).

https://bugzilla.redhat.com/show_bug.cgi?id=1043040

~0019651

tigalch (manager)

2014-04-21 14:57

 Fixed with errata https://rhn.redhat.com/errata/RHSA-2014-0175.html
+Notes

-Issue History
Date Modified Username Field Change
2013-12-11 12:40 IDMS-andreas.schiermeier New Issue
2013-12-11 12:40 IDMS-andreas.schiermeier File Added: pirhana-httpdconf-limit.patch
2013-12-13 20:03 athmane Note Added: 0018655
2013-12-13 20:03 athmane Status new => confirmed
2014-04-21 14:57 tigalch Note Added: 0019651
2014-04-21 14:57 tigalch Status confirmed => resolved
2014-04-21 14:57 tigalch Fixed in Version => 6.5
2014-04-21 14:57 tigalch Resolution open => fixed
+Issue History