[Secure-testing-team] Bug#614302: dtc-common: sends password of new users to site admin by unencrypted email
Ansgar Burchardt
ansgar at 2008.43-1.org
Sun Feb 20 22:02:37 UTC 2011
Package: dtc-common
Version: 0.29.17-1
Severity: grave
Tags: upstream security
dtc sends the password of new users to the webmaster:
$mail_content = "
Somebody tried to register an account. Here is the details of
the new user:
login: ".$_REQUEST["reqadm_login"]."
pass: ".$_REQUEST["reqadm_pass"]."
[...]
mail($conf_webmaster_email_addr, "$conf_message_subject_header Somebody tried to register an account", $mail_content, $headers);
(from client/new_account_form.php)
This mail is not encrypted. I also don't see any reason why the
webmaster should even know the password...
Ansgar
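As an added illustration (not code from dtc or from the report's author), the following PHP shows the quoted notification next to a hardened form of it: the mail to the webmaster names the new login but never carries the password, and the password itself is stored only as a salted hash via password_hash(). The function names, the constructed $request array and the commented-out mail() call are assumptions for the example; the $conf_* variables in that comment are the ones quoted in the report and are not defined here.

```php
<?php
// Added example, not dtc's own code. Hardened replacement for the
// registration notification quoted in the report: the admin mail carries
// the login only, and the password is hashed before it is stored.
// build_admin_notification*, hash_for_storage and verify_login are names
// chosen for this example, not functions of dtc.

declare(strict_types=1);

// Constructed sample input standing in for $_REQUEST in new_account_form.php.
$request = [
    'reqadm_login' => 'alice',
    'reqadm_pass'  => 'correct horse battery staple',
];

/**
 * Pattern from the report: the cleartext password is interpolated into the
 * mail body and travels to the webmaster over unencrypted SMTP.
 */
function build_admin_notification_vulnerable(array $request): string
{
    return "Somebody tried to register an account. Here is the details of\n"
        . "the new user:\n"
        . "login: " . $request['reqadm_login'] . "\n"
        . "pass: " . $request['reqadm_pass'] . "\n";
}

/**
 * Hardened form: the notification identifies the account but never the
 * secret, so there is nothing sensitive to leak in transit or in the
 * webmaster's mailbox.
 */
function build_admin_notification(array $request): string
{
    $login = (string)($request['reqadm_login'] ?? '');
    return "Somebody tried to register an account. Here are the details of\n"
        . "the new user:\n"
        . "login: " . $login . "\n"
        . "(The password was chosen by the user and is stored only as a hash.)\n";
}

/**
 * Store the credential as a salted hash. password_hash() generates the salt
 * and uses PHP's current default algorithm (bcrypt), so the cleartext never
 * needs to persist or be sent anywhere.
 */
function hash_for_storage(string $password): string
{
    return password_hash($password, PASSWORD_DEFAULT);
}

/** Later login check against the stored hash. */
function verify_login(string $password, string $stored_hash): bool
{
    return password_verify($password, $stored_hash);
}

// Demonstration run.
$body   = build_admin_notification($request);
$stored = hash_for_storage($request['reqadm_pass']);

// The secret is absent from the mail but the account is still verifiable.
assert(strpos($body, $request['reqadm_pass']) === false);
assert(verify_login($request['reqadm_pass'], $stored));
assert(!verify_login('wrong password', $stored));

echo $body;

// Where the report's mail() call would go, now with the password-free body
// (variables as quoted in the report; not defined in this example):
// mail($conf_webmaster_email_addr,
//      "$conf_message_subject_header Somebody tried to register an account",
//      $body, $headers);
```

The point of the split is that the notification and the credential are separate concerns: the webmaster needs to know that a registration happened, while the application needs to verify the password later, and password_verify() does that against the hash without anyone ever holding the cleartext.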