Goobi.Production

hard coded root login

Bug #938537 reported by Ralf Claussnitzer
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Goobi.Production
Fix Released
Critical
Unassigned
Goobi.Production 1.7.1
1.7
Fix Released
Critical
Unassigned
Goobi.Production 1.7.1

Bug Description

LoginForm class implements hard coded root log in for log in name "root" with password md5 "c01dc87e699e49cba16cf22f99eec00c". Clear text to this password hash is not available on Google, yet.

Tags: login security

Related branches

lp:~ralf-claussnitzer-deactivatedaccount/goobi-production/bug-938537
Henning Gerhardt: Approve
Diff: 126 lines (+18/-45)
1 file modified
src/de/sub/goobi/forms/LoginForm.java (+18/-45)
Ralf Claussnitzer (ralf-claussnitzer-deactivatedaccount)
Changed in goobi-production:
assignee: nobody → Ralf Claussnitzer (ralf-claussnitzer)
milestone: none → ce-1.7.1
status: Confirmed → In Progress
Ralf Claussnitzer (ralf-claussnitzer-deactivatedaccount)
Changed in goobi-production:
status: In Progress → Fix Committed
Ralf Claussnitzer (ralf-claussnitzer-deactivatedaccount)
visibility: private → public
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.