[jboss-jira] [JBoss JIRA] (SECURITY-833) EXTC with timeout not properly detected by loadPassword utility in login modules
Ivo Studensky (JIRA)
issues at jboss.org
Tue Jun 17 08:52:25 EDT 2014
[ https://issues.jboss.org/browse/SECURITY-833?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12977005#comment-12977005 ]
Ivo Studensky commented on SECURITY-833:
----------------------------------------
PR sent:
https://github.com/picketbox/picketbox/pull/6
> EXTC with timeout not properly detected by loadPassword utility in login modules
> --------------------------------------------------------------------------------
>
> Key: SECURITY-833
> URL: https://issues.jboss.org/browse/SECURITY-833
> Project: PicketBox
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: JBossSX
> Affects Versions: PicketBox_4_0_20.Beta2
> Reporter: Ivo Studensky
> Assignee: Peter Skopek
> Fix For: PicketBox_4_0_19.SP6
>
>
> Using cached external command with time out to get user credential in login modules if not properly detected as to call the external command.
> Example: {EXTC:1000}/usr/bin/getmysecretpwd
--
This message was sent by Atlassian JIRA
(v6.2.6#6264)
More information about the jboss-jira
mailing list