Package: dtc-common
Version: 0.29.17-1
Severity: grave
Tags: upstream security
dtc stores user passwords unencrypted in the database:
$q = "INSERT INTO $pro_mysql_new_admin_table
        (reqadm_login,
         reqadm_pass,
         [...]
        VALUES('".$_REQUEST["reqadm_login"]."',
               '".$_REQUEST["reqadm_pass"]."',
(from client/new_account_form.php)
This can be verified by executing "SELECT * FROM admin" in dtc's MySQL
database which shows the administrator password after installation.
dtc also stores passwords for various services (FTP, ...). I have not
checked whether passwords are hashed there.
The code in unstable (dtc/0.32.5-1) seems to have the same problems.
Ansgar
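For comparison, the following is an added example (not dtc's own code, and not part of the report above) showing how the insert from new_account_form.php would look if the password were stored as a salted hash and the request values were bound as parameters instead of being concatenated into the query. It assumes a PDO connection; the table name "admin" and the two column names are taken from the report, the other columns are omitted, and the SQLite in-memory database at the bottom exists only so the example runs stand-alone.

```php
<?php
// Added example, not code from dtc. Assumes a PDO connection ($pdo) and a
// table "admin" with at least the columns reqadm_login and reqadm_pass.

function create_admin(PDO $pdo, string $login, string $password): void
{
    // password_hash() (PHP >= 5.5) applies bcrypt with a per-password random
    // salt; the resulting string carries algorithm, cost and salt.
    $hash = password_hash($password, PASSWORD_DEFAULT);

    // Values are bound, not interpolated into the SQL string.
    $stmt = $pdo->prepare(
        'INSERT INTO admin (reqadm_login, reqadm_pass) VALUES (:login, :pass)'
    );
    $stmt->execute([':login' => $login, ':pass' => $hash]);
}

function check_admin_login(PDO $pdo, string $login, string $password): bool
{
    $stmt = $pdo->prepare(
        'SELECT reqadm_pass FROM admin WHERE reqadm_login = :login'
    );
    $stmt->execute([':login' => $login]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false;
    }
    // password_verify() reads algorithm and salt from the stored hash and
    // compares in constant time.
    return password_verify($password, $row['reqadm_pass']);
}

// --- stand-alone demonstration on an in-memory SQLite database ---------
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE admin (reqadm_login TEXT PRIMARY KEY, reqadm_pass TEXT NOT NULL)');

// Constructed sample values standing in for $_REQUEST["reqadm_login"] /
// $_REQUEST["reqadm_pass"] from the form handler.
create_admin($pdo, 'dtcadmin', 'correct horse battery staple');

// The check from the report: the stored value is now a hash, not the password.
foreach ($pdo->query('SELECT * FROM admin') as $row) {
    echo $row['reqadm_login'], ' => ', $row['reqadm_pass'], "\n";
}

var_dump(check_admin_login($pdo, 'dtcadmin', 'correct horse battery staple')); // bool(true)
var_dump(check_admin_login($pdo, 'dtcadmin', 'wrong password'));              // bool(false)
```

Running "SELECT * FROM admin" after this, as the report does, shows a "$2y$..." bcrypt string rather than the administrator's password, which is the observable difference between the two storage schemes.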
_______________________________________________
Secure-testing-team mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team