• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

NFS server misconfiguration allows file access outside the exported directory

Scheduled Pinned Locked Moved
Security Advisories
1
2
217
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    Tom Elliott
    last edited by Jul 12, 2024, 12:36 PM

    https://github.com/FOGProject/fogproject/security/advisories/GHSA-3xjr-xf9v-hwjh

    This issue after our initial fix we still allowed some insecure locks. This was reported after the root vulnerability was patched. This addressed in dev-branch and working-1.6

    Thanks all.

    Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

    Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

    Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

    T 1 Reply Last reply Jul 12, 2024, 12:37 PM Reply Quote 0
    • T
      Tom Elliott @Tom Elliott
      last edited by Tom Elliott Jul 12, 2024, 6:38 AM Jul 12, 2024, 12:37 PM

      This was reported and tested and reported by the github username philipp-tg.

      Thank you!

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

      1 Reply Last reply Reply Quote 0
      • 1 / 1
      1 / 1
      • First post
        2/2
        Last post

      158

      Online

      12.0k

      Users

      17.3k

      Topics

      155.2k

      Posts
      Copyright © 2012-2024 FOG Project