CVE-2021-3652 - locked crypt accounts on import may allow all passwords (#4819) ...
author Firstyear <william@blackhats.net.au>
Fri, 9 Jul 2021 01:53:35 +0000 (11:53 +1000)
committer Andrej Shadura <andrewsh@debian.org>
Sun, 19 Jan 2025 12:30:31 +0000 (13:30 +0100)
commit 4b2afbd7921cb779a5a814deaf9a43bee23463f2
tree 9db284fae11f5d4b1ac4280246202e68d5f834d2
parent 48ca7e156e6a8c994eb59e99091c20d67ef6b021
CVE-2021-3652 - locked crypt accounts on import may allow all passwords (#4819) - Issue 4817 - BUG

Bug Description: Due to mishandling of short dbpwd hashes, the
crypt_r algorithm was misused and was only comparing salts
in some cases, rather than checking the actual content
of the password.

Fix Description: Stricter checks on dbpwd lengths to ensure
that content passed to crypt_r has at least 2 salt bytes and
1 hash byte, as well as stricter checks on ct_memcmp to ensure
that compared values are the same length, rather than potentially
allowing overruns/short comparisons.

fixes: https://github.com/389ds/389-ds-base/issues/4817

Author: William Brown <william@blackhats.net.au>

Review by: @mreynolds389

Origin: backport, commit:aeb90eb0c41fc48541d983f323c627b2e6c328c7

Gbp-Pq: Name CVE-2021-3652-locked-crypt-accounts-may-allow-all-pwd.patch
dirsrvtests/tests/suites/password/pwd_crypt_asterisk_test.py [new file with mode: 0644]
ldap/servers/plugins/pwdstorage/crypt_pwd.c
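
The two checks named in the fix description (a stored value of at least 2 salt bytes plus 1 hash byte, and comparison only of equal-length values), shown next to a prefix-length comparison, as an added example that is not the patch or the project's code. The function names, the sample strings, and the `*0` value standing in for what the hashing call returns for a one-character stored value are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MIN_DBPWD_LEN 3 /* 2 salt bytes + 1 hash byte, per the fix description */

/* Hypothetical helper: constant-time compare that rejects unequal lengths. */
static int ct_equal(const char *a, size_t a_len, const char *b, size_t b_len)
{
    unsigned char diff = 0;
    if (a_len != b_len)
        return 0;
    for (size_t i = 0; i < a_len; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* "Before" shape: only strlen(dbpwd) bytes are compared, so a short stored
 * value matches any computed string that starts with it (strncmp: no overread). */
int compare_loose(const char *dbpwd, const char *computed)
{
    if (dbpwd == NULL || computed == NULL)
        return 0;
    return strncmp(dbpwd, computed, strlen(dbpwd)) == 0;
}

/* "After" shape: minimum stored length, then a full equal-length compare. */
int compare_strict(const char *dbpwd, const char *computed)
{
    if (dbpwd == NULL || computed == NULL)
        return 0;
    size_t db_len = strlen(dbpwd);
    if (db_len < MIN_DBPWD_LEN)
        return 0; /* cannot contain both a salt and hash content */
    return ct_equal(dbpwd, db_len, computed, strlen(computed));
}

int main(void)
{
    /* Constructed samples: {stored value, string the hash call returned}. */
    const char *cases[][2] = {
        {"*", "*0"},              /* locked marker vs assumed failure token */
        {"ab", "abQ1w2e3"},       /* stored value holds the salt only */
        {"abQ1w2e3", "abQ1w2e3"}, /* genuine match */
        {"abQ1w2e3", "abQ1w2e4"}, /* genuine mismatch */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-9s %-9s loose=%d strict=%d\n", cases[i][0], cases[i][1],
               compare_loose(cases[i][0], cases[i][1]), compare_strict(cases[i][0], cases[i][1]));
    return 0;
}
```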