[Tickets #11424] security problem with syncml and LDAP Authentication
bugs at horde.org
Thu Sep 13 11:25:41 UTC 2012
PLEASE DO NOT REPLY TO THIS MESSAGE. MESSAGES SENT TO THIS
E-MAIL ADDRESS ARE NOT READ.
Ticket-URL: http://bugs.horde.org/ticket/11424
------------------------------------------------------------------------------
Ticket | 11424
Created By | Klaus.Steinberger at Physik.Uni-Muenchen.DE
Summary | security problem with syncml and LDAP Authentication
Queue | Horde Framework Packages
Version | FRAMEWORK_4
Type | Bug
Status | Unconfirmed
Priority | 3. High
Milestone |
Patch |
Assigned To |
------------------------------------------------------------------------------
Klaus.Steinberger at Physik.Uni-Muenchen.DE (2012-09-13 11:25) wrote:
If Authentication is switched to LDAP Auth, then syncml does not
require a password for any known account!
So it is possible to read and even write other users' calendars and
address books even though they are not shared!
This does not happen with authentication switched to IMP.
2012-09-13T13:22:17+02:00 DEBUG: HORDE Load config file (nls.php; app:
horde) [pid 24335 on line 868 of "/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 ERR: HORDE DN for user not found [pid 24335
on line 873 of "/usr/share/pear/Horde/Ldap.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE 1. Horde_Registry::appInit()
/var/www/html/horde/rpc.php:77
2. Horde_Registry->__construct() /usr/share/pear/Horde/Registry.php:238
3. Horde_Injector->getInstance() /usr/share/pear/Horde/Registry.php:452
4. Horde_Injector->createInstance() /usr/share/pear/Horde/Injector.php:248
5. Horde_Injector_Binder_Factory->create()
/usr/share/pear/Horde/Injector.php:213
6. Horde_Core_Factory_Notification->create()
/usr/share/pear/Horde/Injector/Binder/Factory.php:111
7. Horde_Registry->listApps()
/usr/share/pear/Horde/Core/Factory/Notification.php:27
8. Horde_Registry->hasPermission() /usr/share/pear/Horde/Registry.php:804
9. Horde_Registry->isAuthenticated() /usr/share/pear/Horde/Registry.php:1439
10. Horde_Core_Factory_Auth->create() /usr/share/pear/Horde/Registry.php:1901
11. Horde_Core_Factory_Auth->_create()
/usr/share/pear/Horde/Core/Factory/Auth.php:61
12. Horde_Core_Factory_Ldap->create()
/usr/share/pear/Horde/Core/Factory/Auth.php:177
13. Horde_Ldap->findUserDN() /usr/share/pear/Horde/Core/Factory/Ldap.php:79
2012-09-13T13:22:17+02:00 DEBUG: HORDE [imp] Load config file
(conf.php; app: imp) [pid 24335 on line 868 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [imp] Load config file
(prefs.php; app: horde) [pid 24335 on line 868 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [imp] Load config file
(prefs.php; app: imp) [pid 24335 on line 868 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [imp] Load config file
(backends.php; app: imp) [pid 24335 on line 868 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [gollem] Load config file
(conf.php; app: gollem) [pid 24335 on line 868 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [gollem] Load config file
(prefs.php; app: gollem) [pid 24335 on line 868 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [gollem] Load config file
(backends.php; app: gollem) [pid 24335 on line 868 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] Horde_Rpc::__construct
complete [pid 24335 on line 96 of "/usr/share/pear/Horde/Rpc.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] Backend of class
Horde_SyncMl_Backend_Horde created [pid 24335 on line 38 of
"/usr/share/pear/Horde/SyncMl/Backend/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] New session created:
68488bc4dedf64c51742b5d1433f1de9 [pid 24335 on line 364 of
"/usr/share/pear/Horde/SyncMl/ContentHandler.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] Checking authentication
for user Guinea.Pig [pid 24335 on line 371 of
"/usr/share/pear/Horde/SyncMl/ContentHandler.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] Hook preauthenticate in
application horde called. [pid 24335 on line 1829 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] SQL (0.0003s)
SELECT lock_id, lock_owner, lock_scope, lock_principal,
lock_origin_timestamp, lock_update_timestamp, lock_expiry_timestamp,
lock_type FROM horde_locks WHERE lock_expiry_timestamp >= 1347535337
AND lock_principal = 'login:guinea.pig' AND lock_scope =
'horde_auth'
AND lock_type = 1 [pid 24335 on line 803 of
"/usr/share/pear/Horde/Db/Adapter/Base.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] SQL (0.0003s)
DELETE FROM horde_histories WHERE object_uid IN
('guinea.pig at logins.failed') [pid 24335 on line 803 of
"/usr/share/pear/Horde/Db/Adapter/Base.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] Load config file
(prefs.php; app: horde) [pid 24335 on line 868 of
"/usr/share/pear/Horde.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] SQL (0.0004s)
SELECT pref_scope, pref_name, pref_value FROM horde_prefs WHERE
pref_uid = 'guinea.pig' AND pref_scope = 'horde' [pid 24335
on line 803 of "/usr/share/pear/Horde/Db/Adapter/Base.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] SQL (0.0008s)
SHOW FIELDS FROM `horde_prefs` [pid 24335 on line 803 of
"/usr/share/pear/Horde/Db/Adapter/Base.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] Authenticated: yes;
version: 1.2; message ID: 1; source URI: fmz-L42piSo6yCHQCePbdZhTCA==;
target URI: http://testwebmail.physik.uni-muenchen.de/horde/rpc.php;
user: guinea.pig; charset: UTF-8; wbxml: no [pid 24335 on line 283 of
"/usr/share/pear/Horde/SyncMl/ContentHandler.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] SQL (0.0004s)
SELECT syncml_clientanchor, syncml_serveranchor FROM
horde_syncml_anchors WHERE syncml_syncpartner =
'fmz-L42piSo6yCHQCePbdZhTCA==' AND syncml_db = 'contacts' AND
syncml_uid = 'guinea.pig' [pid 24335 on line 803 of
"/usr/share/pear/Horde/Db/Adapter/Base.php"]
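As an added example (not Horde's own code, and not part of the ticket), a small Python detector for the pattern visible in the log above: a request whose LDAP lookup logged "DN for user not found" but whose SyncML handler still reported "Authenticated: yes". The log-line grammar and the correlate-by-pid heuristic are assumptions drawn from the quoted log; the fourth sample line (user alice, pid 24336) is constructed as a healthy contrast case.

```python
import re
from collections import defaultdict

# Constructed sample: three lines taken from the Horde debug log quoted in the
# ticket (e-mail line wrapping removed) plus one constructed, healthy session
# (pid 24336) that has no failed DN lookup and must not be flagged.
SAMPLE_LOG = """\
2012-09-13T13:22:17+02:00 ERR: HORDE DN for user not found [pid 24335 on line 873 of "/usr/share/pear/Horde/Ldap.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] Checking authentication for user Guinea.Pig [pid 24335 on line 371 of "/usr/share/pear/Horde/SyncMl/ContentHandler.php"]
2012-09-13T13:22:17+02:00 DEBUG: HORDE [horde] Authenticated: yes; version: 1.2; message ID: 1; source URI: fmz-L42piSo6yCHQCePbdZhTCA==; target URI: http://testwebmail.physik.uni-muenchen.de/horde/rpc.php; user: guinea.pig; charset: UTF-8; wbxml: no [pid 24335 on line 283 of "/usr/share/pear/Horde/SyncMl/ContentHandler.php"]
2012-09-13T13:25:02+02:00 DEBUG: HORDE [horde] Authenticated: yes; version: 1.2; message ID: 1; source URI: constructed-client; target URI: https://horde.example.test/rpc.php; user: alice; charset: UTF-8; wbxml: no [pid 24336 on line 283 of "/usr/share/pear/Horde/SyncMl/ContentHandler.php"]
"""

# Assumed line grammar: "<ts> <LEVEL>: HORDE [app] <message> [pid N on line L of "<file>"]"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<level>[A-Z]+): HORDE (?:\[\w+\] )?(?P<msg>.*?) '
    r'\[pid (?P<pid>\d+) on line \d+ of "(?P<file>[^"]+)"\]$'
)


def parse(log_text):
    """Parse matching Horde log lines into dicts; unparseable lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def find_suspicious_syncml_logins(log_text):
    """Return [(pid, user, timestamp)] for requests in which the LDAP DN lookup
    failed (ERR) yet the SyncML handler later logged 'Authenticated: yes'."""
    by_pid = defaultdict(list)
    for ev in parse(log_text):
        by_pid[ev["pid"]].append(ev)
    hits = []
    for pid, evs in by_pid.items():
        dn_failed = False
        for ev in evs:  # file order is time order within one pid
            if ev["level"] == "ERR" and "DN for user not found" in ev["msg"]:
                dn_failed = True
            elif dn_failed and ev["msg"].startswith("Authenticated: yes"):
                user = re.search(r"\buser: ([^;]+)", ev["msg"])
                hits.append((pid, user.group(1) if user else "?", ev["ts"]))
    return hits


if __name__ == "__main__":
    for pid, user, ts in find_suspicious_syncml_logins(SAMPLE_LOG):
        print(f"{ts} pid={pid} user={user}: SyncML auth succeeded after failed DN lookup")
```

Run against a real Horde log, the heuristic only surfaces candidates; a hit still needs to be confirmed against the LDAP backend's own logs before treating the session as an unauthenticated one.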