slub.team team mailing list archive

Thread
Date

[Bug 938537] [NEW] hard coded root login

To: slub.team@xxxxxxxxxxxxxxxxxxx
From: Ralf Claussnitzer <938537@xxxxxxxxxxxxxxxxxx>
Date: Wed, 22 Feb 2012 10:15:40 -0000
Reply-to: Bug 938537 <938537@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a security vulnerability ***

Private security bug reported:

LoginForm class implements hard coded root log in for log in name "root"
with password md5 "c01dc87e699e49cba16cf22f99eec00c". Clear text to this
password hash is not available on Google, yet.

** Affects: goobi-production
     Importance: Critical
         Status: Confirmed


** Tags: login security

-- 
You received this bug notification because you are a member of Saxon
State Library Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/938537

Title:
  hard coded root login

Status in Goobi.Production:
  Confirmed

Bug description:
  LoginForm class implements hard coded root log in for log in name
  "root" with password md5 "c01dc87e699e49cba16cf22f99eec00c". Clear
  text to this password hash is not available on Google, yet.

To manage notifications about this bug go to:
https://bugs.launchpad.net/goobi-production/+bug/938537/+subscriptions

Follow ups

[Bug 938537] Re: hard coded root login
From: Ralf Claussnitzer, 2012-02-27
[Bug 938537] Re: hard coded root login
From: Ralf Claussnitzer, 2012-02-27
[Bug 938537] Re: hard coded root login
From: Ralf Claussnitzer, 2012-02-22
[Bug 938537] Re: hard coded root login
From: Ralf Claussnitzer, 2012-02-22
[Bug 938537] Re: hard coded root login
From: Ralf Claussnitzer, 2012-02-22
[Bug 938537] [NEW] hard coded root login
From: Ralf Claussnitzer, 2012-02-22

References

[Bug 938537] [NEW] hard coded root login
From: Ralf Claussnitzer, 2012-02-22