File CVE-2016-2313.patch of Package cacti.4601

Date: 2016-01-17 20:23:42 +0100
Subject: -bug:0002656: Authentication using web authentication as a user not in the cacti database allows complete access
From: Andreas Stieger <astieger@suse.com>
Upstream: committed
References: https://bugzilla.opensuse.org/show_bug.cgi?id=965930 http://bugs.cacti.net/view.php?id=2656 http://svn.cacti.net/viewvc?view=rev&revision=7770

------------------------------------------------------------------------
r7770 | cigamit | 2016-01-17 20:23:42 +0100 (Sdag, 17 Jan 2016) | 1 line
Changed paths:
   M /cacti/tags/0.8.8g/auth_login.php
   M /cacti/tags/0.8.8g/docs/CHANGELOG

-bug:0002656: Authentication using web authentication as a user not in the cacti database allows complete access
------------------------------------------------------------------------
Index: cacti-0.8.8f/auth_login.php
===================================================================
--- cacti-0.8.8f.orig/auth_login.php
+++ cacti-0.8.8f/auth_login.php
@@ -86,6 +86,13 @@ if ($action == 'login') {
 		/* Locate user in database */
 		$user = db_fetch_row("SELECT * FROM user_auth WHERE username = " . $cnn_id->qstr($username) . " AND realm = 2");
 
+		if (!$user) {
+			cacti_log("AUTH LOGIN: User " . $username . " authenticated by web server but not found in Cacti database.");
+			$username = htmlspecialchars($username);
+			auth_display_custom_error_message("$username is not authorized to use Cacti.");
+			exit;			
+		}
+
 		break;
 	case "3":
 		/* LDAP Auth */