Bug 1524432 (CVE-2016-8750) - CVE-2016-8750 karaf: LDAP injection in LDAPLoginModule
Summary: CVE-2016-8750 karaf: LDAP injection in LDAPLoginModule
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2016-8750
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1530422
Blocks: 1524434 1530427
TreeView+ depends on / blocked
 
Reported: 2017-12-11 13:47 UTC by Andrej Nemec
Modified: 2021-02-17 01:07 UTC (History)
16 users (show)

Fixed In Version: karaf 4.0.8
Clone Of:
Environment:
Last Closed: 2019-06-08 03:33:07 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:1322 0 None None None 2018-05-03 19:05:06 UTC

Description Andrej Nemec 2017-12-11 13:47:48 UTC 
Apache Karaf uses the LDAPLoginModule to authenticate users to a directory
via LDAP. However, it is not encoding usernames properly and hence is
vulnerable to LDAP injection attacks.

While it appears that it not possible to exploit this vulnerability to allow
an attacker to gain remote access, it allows an attacker to insert special
characters into the search query step. Therefore, it can potentially be
exploited as part of a Denial Of Service attack.

External References:

https://karaf.apache.org/security/cve-2016-8750.txt

Upstream patch:

https://github.com/apache/karaf/commit/ac07cb2440ceff94b3001728c1611fc471253d19
Comment 4 errata-xmlrpc 2018-05-03 19:04:57 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Fuse

Via RHSA-2018:1322 https://access.redhat.com/errata/RHSA-2018:1322
Note You need to log in before you can comment on or make changes to this bug.