

Password: Fix security issue in virtualmin and sasl drivers
alecpl committed Apr 25, 2017
1 parent 5631de7 commit 06abad4
Showing 3 changed files with 5 additions and 4 deletions.
1 change: 1 addition & 0 deletions CHANGELOG
Expand Up @@ -36,6 +36,7 @@ RELEASE 1.3-rc
- Fix undesired effects when postgres database uses different timezone than PHP host (#5708)
- Installer: Fix DB schema initialization on MS SQL Server
- Fix bug where base_dn setting was ignored inside group_filters (#5720)
- Password: Fix security issue in virtualmin and sasl drivers

RELEASE 1.3-beta
----------------
2 changes: 1 addition & 1 deletion plugins/password/drivers/sasl.php
Expand Up @@ -36,7 +36,7 @@ class rcube_sasl_password
function save($currpass, $newpass)
{
$curdir = RCUBE_PLUGINS_DIR . 'password/helpers';
$username = escapeshellcmd($_SESSION['username']);
$username = escapeshellarg($_SESSION['username']);
$args = rcmail::get_instance()->config->get('password_saslpasswd_args', '');

if ($fh = popen("$curdir/chgsaslpasswd -p $args $username", 'w')) {
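Review bot: The username is now passed as one quoted argument, but the popen() command on the last line of the hunk still interpolates `$args` from `password_saslpasswd_args` unquoted, and a username whose first character is `-` still reaches chgsaslpasswd as an option rather than an operand — escapeshellarg() only neutralises shell metacharacters. Both are worth a comment or a guard before the command is built, e.g. `// escapeshellarg() quotes for the shell only; reject usernames starting with '-' so the helper cannot read them as options` and a check that returns an error for such a username. `$args` is administrator-controlled configuration, so it is lower risk, but it should be documented as trusted input on the line that reads it. save() continues past the end of the hunk, so the write of the new password to `$fh` is not visible here.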
6 changes: 3 additions & 3 deletions plugins/password/drivers/virtualmin.php
Expand Up @@ -70,9 +70,9 @@ function save($currpass, $newpass)
$domain = $rcmail->user->get_username('domain');
}

$username = escapeshellcmd($username);
$domain = escapeshellcmd($domain);
$newpass = escapeshellcmd($newpass);
$username = escapeshellarg($username);
$domain = escapeshellarg($domain);
$newpass = escapeshellarg($newpass);
$curdir = RCUBE_PLUGINS_DIR . 'password/helpers';

exec("$curdir/chgvirtualminpasswd modify-user --domain $domain --user $username --pass $newpass", $output, $returnvalue);
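Review bot: The new password is still passed to chgvirtualminpasswd as a command-line argument on the exec() line, so it is visible in the process list to other local users for the helper's lifetime; escapeshellarg() fixes shell interpretation but does not change that exposure. The sasl driver in this same commit feeds its secret through stdin via popen(), and the same approach is preferable here if the helper supports reading the password from stdin or a file. Separately, escapeshellarg() is locale-aware and, in PHP releases of this era, appears to drop bytes that are not valid characters in the current locale, so under a C/POSIX locale a password containing non-ASCII characters may be silently altered before it is set — verify against the configured locale and note it, e.g. `// escapeshellarg() is locale-aware: non-ASCII bytes may be stripped unless a UTF-8 locale is active`. save() begins at the hunk header and continues outside the hunk, so handling of `$output` and `$returnvalue` is not visible here.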
