Bug 1249672 - RHEL7 atomic and other cloud images using MD5 password hashing
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All Linux
Priority: medium
Severity: medium
Assigned To: Red Hat Product Security
impact=moderate,public=20150801,repor...
Keywords: Security
Blocks: 1249675
Reported: 2015-08-03 10:29 EDT by Adam Mariš
Modified: 2015-10-21 11:35 EDT

Doc Type: Bug Fix


Description Adam Mariš 2015-08-03 10:29:03 EDT
Colin Walters of Red Hat reported that cloud images including RHEL7 atomic cloud use MD5 for hashing the passwords.

Link to RT:
https://engineering.redhat.com/rt/Ticket/Display.html?id=364512&results=4fe06531482005289b2bd55008734d2c

Complete list of affected cloud images:
$ git grep -e --enablemd5
archive/cloud-engine-6.1.ks:auth --useshadow --enablemd5
archive/libra-express-6.0.ks:auth --useshadow --enablemd5
jbeap/jb-eap-5-rhel-6-ec2.ks:auth --useshadow --enablemd5
jbeap/jb-eap-6-rhel-6-ec2.ks:auth --useshadow --enablemd5
jbeap/jb-eap-6.4.0-rhel-6-ec2.ks:auth --useshadow --enablemd5
jbeap/jb-eap-6.4.0-rhel-6.6-ec2.ks:auth --useshadow --enablemd5
jbews/jb-ews-1-rhel-6-ec2.ks:auth --useshadow --enablemd5
jbon/jb-on-server-rhel-5-ec2.ks:auth --useshadow --enablemd5
jbon/jb-on-server-rhel-6-ec2.ks:auth --useshadow --enablemd5
mrg/mrg-grid-2-rhel-5-ec2.ks:auth --useshadow --enablemd5
mrg/mrg-grid-2-rhel-6-ec2.ks:auth --useshadow --enablemd5
rhel5/rhel-5.10-server-ec2.ks:auth --useshadow --enablemd5
rhel5/rhel-5.11-server-ec2.ks:auth --useshadow --enablemd5
rhel5/rhel-5.5-server-ec2.ks:auth --useshadow --enablemd5
rhel5/rhel-5.6-server-ec2.ks:auth --useshadow --enablemd5
rhel5/rhel-5.7-server-ec2.ks:auth --useshadow --enablemd5
rhel5/rhel-5.8-server-ec2.ks:auth --useshadow --enablemd5
rhel5/rhel-5.9-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6-hwcert.ks:authconfig --enableshadow --enablemd5
rhel6/rhel-6.0-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.1-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.2-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.3-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.4-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.5-sap-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.5-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.6-sap-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.6-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.6-server-kvm.ks:auth --useshadow --enablemd5
rhel6/rhel-6.7-server-ec2.ks:auth --useshadow --enablemd5
rhel6/rhel-6.7-server-kvm.ks:auth --useshadow --enablemd5
rhel7/atomic-7.1-cloud.ks:auth --useshadow --enablemd5
rhel7/atomic-7.1-vagrant.ks:auth --useshadow --enablemd5
rhel7/rhel-7.1-docker-utility.ks:authconfig --enableshadow --enablemd5
rhel7/rhel-7.1-server-vagrant-kube.ks:authconfig --enableshadow --enablemd5
rhel7/rhel-7.1-server-vagrant.ks:authconfig --enableshadow --enablemd5
rhel7/rhel7-hyperv-utility.ks:authconfig --enableshadow --enablemd5
rhev/rhevm-3.5-rhel-6.6/rhevm-appliance.ks:auth --useshadow --enablemd5
rhev/rhevm-3.5-rhel-6.7/rhevm-appliance.ks:auth --useshadow --enablemd5
rhev/rhevm-3.6-rhel-6/rhevm-appliance.ks:auth --useshadow --enablemd5
rhui/rhel5-x86_64-AMAZON-CDS.ks:auth --useshadow --enablemd5
rhui/rhel5-x86_64-AMAZON-RHUA.ks:auth --useshadow --enablemd5
rhui/rhel5-x86_64-AMAZON-STARTER.ks:auth --useshadow --enablemd5
rova/rova.ks:auth --enablemd5 --enableshadow
satellite/foreman-discovery-image.ks:auth --useshadow --enablemd5
storage/RHGS-3.1-ec2.ks:auth --useshadow --enablemd5
storage/RHS-2.0-ec2.ks:auth --useshadow --enablemd5
storage/RHS-2.1-ec2.ks:auth --useshadow --enablemd5
storage/RHS-3.0-ec2.ks:auth --useshadow --enablemd5
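
A check for the condition reported above, as an added example that is not part of the original bug report or of any Red Hat tooling: it classifies kickstart `auth`/`authconfig` lines by requested password hash, rewrites MD5 lines to `--passalgo=sha512`, and lists shadow entries that still carry the crypt(3) `$1$` (MD5-crypt) prefix. The function names, the `example/hardened.ks` record and the shadow entries are constructed for illustration.

```python
import shlex

AUTH_COMMANDS = {"auth", "authconfig"}  # kickstart commands that select the hash

# Constructed input: two records from the listing above plus one made-up hardened file.
SAMPLE_GREP = """\
rhel7/atomic-7.1-cloud.ks:auth --useshadow --enablemd5
rhel7/rhel-7.1-server-vagrant.ks:authconfig --enableshadow --enablemd5
example/hardened.ks:auth --useshadow --passalgo=sha512
"""
# Constructed shadow(5) entries; the hash fields are placeholders, not real hashes.
SAMPLE_SHADOW = """\
root:$1$PLACEHOLDER$constructedmd5cryptvalue:16650:0:99999:7:::
cloud-user:$6$PLACEHOLDER$constructedsha512cryptvalue:16650:0:99999:7:::
bin:*:16650:0:99999:7:::
"""

def hash_algo(ks_line):
    """Hash requested by a kickstart auth line; None if it is not an auth line."""
    tokens = shlex.split(ks_line, comments=True)
    if not tokens or tokens[0] not in AUTH_COMMANDS:
        return None
    algo = "unspecified"
    for tok in tokens[1:]:
        if tok == "--enablemd5":
            return "md5"  # flagged even when a --passalgo option is also present
        if tok.startswith("--passalgo="):  # only the --passalgo=VALUE spelling is handled
            algo = tok.split("=", 1)[1]
    return algo

def audit(grep_output):
    """Paths from `path:line` records (git grep format) whose auth line requests MD5."""
    hits = []
    for record in grep_output.splitlines():
        path, sep, ks_line = record.partition(":")
        if sep and hash_algo(ks_line) == "md5":
            hits.append(path)
    return hits

def harden(ks_line):
    """Rewrite an auth line to request SHA-512; other lines are returned unchanged."""
    if hash_algo(ks_line) is None:
        return ks_line
    kept = [t for t in shlex.split(ks_line, comments=True)
            if t != "--enablemd5" and not t.startswith("--passalgo=")]
    return " ".join(kept + ["--passalgo=sha512"])

def md5_accounts(shadow_text):
    """Accounts whose stored hash carries the crypt(3) `$1$` (MD5-crypt) prefix."""
    return [f[0] for f in (e.split(":") for e in shadow_text.splitlines())
            if len(f) > 1 and f[1].startswith("$1$")]
```

Changing the kickstart only affects images built afterwards; a password already stored with a `$1$` hash keeps that hash until it is set again, which is why the shadow check is included.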
