1193675 – (cobbler_log_pollute) AUDIT-FIND: COBBLER - log file pollution

Bug 1193675 (cobbler_log_pollute) - AUDIT-FIND: COBBLER - log file pollution

Summary: AUDIT-FIND: COBBLER - log file pollution

Status:	RESOLVED FIXED

Alias:	cobbler_log_pollute

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P5 - None Severity: Normal
Target Milestone:	---
Assignee:	Enno Gotthold
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	1191952
	Show dependency tree / graph

Clone This Bug

Reported:	2021-12-13 13:52 UTC by Paolo Perego
Modified:	2024-01-17 09:24 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Paolo Perego 2021-12-13 13:52:03 UTC

In modules/installation/pre_log.py, line 34 some user controller inputs are appended in /var/log/cobbler/install.log log file without sanitization. 

This can lead to a log pollution scenario.

Comment 1 Enno Gotthold 2022-01-19 12:48:37 UTC

In modules/installation/post_log.py the same is applicable.

Comment 2 Paolo Perego 2022-01-19 14:19:53 UTC

Great that you spotted another one :)

Comment 4 Thomas Leroy 2022-02-08 15:51:24 UTC

The injection pattern is present in the following codestreams:
- SUSE:SLE-11-SP3:Update/cobbler
- SUSE:SLE-11-SP3:Update:Products:ManagerToolsBeta:Update/cobbler	
- SUSE:SLE-12:Update/cobbler
- SUSE:SLE-12:Update:Products:ManagerToolsBeta:Update/cobbler 	
- SUSE:SLE-15-SP2:Update:Products:Manager41:Update/cobbler
- SUSE:SLE-15-SP3:Update:Products:Manager42:Update/cobbler		
- SUSE:SLE-15-SP4:Update:Products:Manager43:Update/cobbler
- openSUSE:Factory/cobbler
- openSUSE:Backports:SLE-15-SP3/cobbler
- openSUSE:Backports:SLE-15-SP4:Update/cobbler

Koan is not affected.

Comment 9 Swamp Workflow Management 2022-02-18 14:29:42 UTC

SUSE-SU-2022:0510-1: An update that solves two vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1193671,1193673,1193675,1193676,1193678,1195906,1195918
CVE References: CVE-2021-45082,CVE-2021-45083
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (src):    cobbler-3.0.0+git20190806.32c4bae0-8.22.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 10 Swamp Workflow Management 2022-02-18 14:32:13 UTC

SUSE-SU-2022:0509-1: An update that solves two vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1193671,1193673,1193675,1193676,1193678,1195906,1195918
CVE References: CVE-2021-45082,CVE-2021-45083
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (src):    cobbler-3.1.2-150300.5.14.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 11 Paolo Perego 2022-02-18 14:35:20 UTC

Fixed in upstream commit: https://github.com/cobbler/cobbler/commit/e06e704c2c11303c8c3bedcb3fdf9a9eed4a0b0d

Comment 12 Swamp Workflow Management 2022-03-01 20:20:38 UTC

openSUSE-SU-2022:0062-1: An update that solves 6 vulnerabilities and has 6 fixes is now available.

Category: security (important)
Bug References: 1184561,1185679,1186124,1189458,1193671,1193673,1193675,1193676,1193678,1194333,1195906,1195918
CVE References: CVE-2021-40323,CVE-2021-40324,CVE-2021-40325,CVE-2021-45082,CVE-2021-45083,CVE-2021-45942
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    openexr-2.2.1-3.41.1
openSUSE Backports SLE-15-SP3 (src):    cobbler-3.1.2-bp153.2.3.1