0005491: Users with weak passwords and no shell can become mail relays

ClearFoundation Tracker - ClearOS
View Issue Details

ID	Project	Category	View Status	Date Submitted	Last Update
0005491	ClearOS	app-ssh-server - SSH Server	public	2015-10-07 12:08	2016-12-22 09:30

Reporter	bchambers
Assigned To	user2
Priority	normal	Severity	minor	Reproducibility	sometimes
Status	closed	Resolution	fixed
Platform		OS		OS Version
Product Version	7.1.0 RC1
Target Version	7.3.0 Beta 1	Fixed in Version	7.3.0 Beta 1

Summary	0005491: Users with weak passwords and no shell can become mail relays
Description	Customer was using Active Directory connector. A user in the AD had a weak username/password combo...very weak. Not limited to AD connector...LDAP user with weak user/pass would also be susceptible. Looks like this hack was used that we've seen once or twice before to become a spam relay: https://www.rackaid.com/blog/spam-ssh-tunnel/ [^] As per doc, we should really ship SSH with default: AllowTCPForwarding no And expose this variable in Webconfig.
Steps To Reproduce
Additional Information	Why am I having Deja vu? No tracker was ever submitted?
Tags	No tags attached.
Relationships
Attached Files

Issue History
Date Modified	Username	Field	Change
2015-10-07 12:08	bchambers	New Issue
2015-10-07 12:33	user2	Status	new => confirmed
2016-09-20 14:58	user2	Status	confirmed => resolved
2016-09-20 14:58	user2	Fixed in Version	=> 7.3.0 Beta 1
2016-09-20 14:58	user2	Resolution	open => fixed
2016-09-20 14:58	user2	Assigned To	=> user2
2016-09-20 14:58	user2	Target Version	=> 7.3.0 Beta 1
2016-11-16 09:12	user2	Target Version	7.3.0 Beta 1 => 7.3.0 Beta 1
2016-11-16 09:12	user2	Fixed in Version	7.3.0 Beta 1 => 7.3.0 Beta 1
2016-12-20 11:40	user2	Issue cloned: 0012021
2016-12-20 11:40	user2	Relationship added	related to 0012021
2016-12-22 09:30	user2	Status	resolved => closed

There are no notes attached to this issue.