Bugtraq mailing list archives

And another (same) bug in DCForum at user registration process (dcscripts.com)


From: shimi <shimi () jct ac il>
Date: Sat, 2 Feb 2002 18:32:43 +0200 (IST)


When registering a user and not allowing him to choose a password, a
password is generated by the same algorithm as the one used when
creating a new password for a user who lost it.

Once again, the password is predictable, and thus bypasses all limitations of
using a valid mailbox for user registration (the user can use a fake e-mail
address and still know his password).

In Lib/user_register.pl:

<snip>
   if ($r_in->{'command'} eq 'register') {

</snip>
<snip>
      if ($r_setup->{'auth_register_via_email'} eq 'on') {
         my $session = get_session_id();
         $r_in->{'password'} = substr($session,3,6);
</snip>

Should be random. Use the same patch as with the other bug:

http://www.dcscripts.com/bugtrac/DCForumID7/3.html

Have fun.

  Best regards,
     Shimi


----

   "Outlook is a massive flaming horrid blatant security violation, which
    also happens to be a mail reader."

   "Sure UNIX is user friendly; it's just picky about who its friends are."

    Sign that you downloaded Linux from a bad source:
    "My compiler keeps hanging on NSABackdoor.h !!!"


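Added example, not part of the original post and not DCForum's own code or the patch linked above: the `substr($session,3,6)` pattern from Lib/user_register.pl next to a password drawn from the kernel CSPRNG. The sub names, the sample session string and the use of /dev/urandom (a Unix host) are assumptions made for this illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Alphabet without look-alike characters (0/O, 1/l/I).
my @ALPHABET = grep { !/[0O1lI]/ } ('a'..'z', 'A'..'Z', '0'..'9');

# The pattern quoted from Lib/user_register.pl: the password is a fixed
# slice of the session id, so whoever knows or can guess the id knows it.
sub derived_password {
    my ($session) = @_;
    return substr($session, 3, 6);
}

# Hypothetical replacement: $len characters chosen uniformly from @ALPHABET
# using bytes read from /dev/urandom (assumes a Unix host).
sub random_password {
    my ($len) = @_;
    my $n = scalar @ALPHABET;
    # Largest multiple of $n that fits in a byte; bytes at or above it are
    # discarded so every symbol stays equally likely (no modulo bias).
    my $limit = 256 - (256 % $n);

    open(my $fh, '<:raw', '/dev/urandom')
        or die "cannot open /dev/urandom: $!";
    my $password = '';
    while (length($password) < $len) {
        my $got = read($fh, my $byte, 1);
        die "short read from /dev/urandom" unless defined $got && $got == 1;
        my $v = ord($byte);
        next if $v >= $limit;            # rejection sampling
        $password .= $ALPHABET[$v % $n];
    }
    close($fh);
    return $password;
}

my $session = 'abc123456xyz';   # constructed sample, not a real DCForum id
printf "derived from session: %s\n", derived_password($session);
printf "derived again:        %s\n", derived_password($session);
printf "random:               %s\n", random_password(12);
printf "random again:         %s\n", random_password(12);
```

The derived value repeats for the same session id, while the random one cannot be reconstructed from anything the registering user holds, so the password is learned only by reading the mailbox it was sent to.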