Skip to content

Instantly share code, notes, and snippets.

@Wocanilo Wocanilo/adAS.patch
Created Sep 17, 2019

Embed
What would you like to do?
Parche para adAS 1.7.0 que soluciona múltiples vulnerabilidades
diff -Naur adas-1.7.0/adas-admin/lib/command/logs/LogHelper.class.php adas-1.7.1/adas-admin/lib/command/logs/LogHelper.class.php
--- adas-1.7.0/adas-admin/lib/command/logs/LogHelper.class.php 2017-04-04 19:01:47.000000000 +0200
+++ adas-1.7.1/adas-admin/lib/command/logs/LogHelper.class.php 2019-09-15 17:24:17.145398700 +0200
@@ -171,7 +171,7 @@
$logs[$id_thread]["logs"][] = array(
'hour' => $data["timestamp"],
'mode' => $data["level"],
- 'msg' => $data["message"],
+ 'msg' => htmlentities($data["message"]),
);
}
}
diff -Naur adas-1.7.0/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php adas-1.7.1/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php
--- adas-1.7.0/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php 2017-04-04 19:01:47.000000000 +0200
+++ adas-1.7.1/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php 2019-09-15 17:07:29.838858000 +0200
@@ -79,7 +79,7 @@
if (!is_callable($alg_pw)) {
ConfigManager::includeCallbacks();
}
- $parsed_password = call_user_func($alg_pw, $password);
+ $parsed_password = hash($alg_pw, $password);
}
$stored_password = null;
@@ -91,7 +91,7 @@
for ($i = 0; $i < $data_server_count; $i++) {
$stored_password = $data_server[$i];
- $res = $parsed_password == $stored_password;
+ $res = $parsed_password === $stored_password;
if ($res == true) {
$userID = $this->getUserID($username);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.