<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.7.1 at 2016-09-23
| Rendered using Apache Maven Fluido Skin 1.5
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="author" content="Apache OpenMeetings Team" />
<meta name="Date-Revision-yyyymmdd" content="20160923" />
<meta http-equiv="Content-Language" content="en" />
<title>Apache OpenMeetings Project &#x2013; Security Vulnerabilities</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.5.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.5.min.js"></script>
<script type="text/javascript" src="http://openmeetings.apache.org/js/site.js"></script>
</head>
<body class="topBarDisabled">
<div class="container-fluid">
<div id="banner">
<div class="pull-left">
<a href="index.html" id="bannerLeft">
<img src="images/logo.png" alt="Apache OpenMeetings"/>
</a>
</div>
<div class="pull-right"> <a href="http://apache.org" id="bannerRight">
<img src="http://apache.org/img/asf_logo.png" alt="Apache"/>
</a>
</div>
<div class="clear"><hr/></div>
</div>
<div class="row-fluid">
<div id="bodyColumn" class="span10" >
<div class="section">
<h2><a name="Security_Vulnerabilities"></a>Security Vulnerabilities</h2>
<p>Please note that binary patches are not produced for individual vulnerabilities. To obtain the
binary fix for a particular vulnerability, you should upgrade to an Apache OpenMeetings version
in which that vulnerability has been fixed.<br />
<br />
For more information about reporting vulnerabilities, see the
<a class="externalLink" href="https://www.apache.org/security/">Apache Security Team</a> page.<br />
<br />
<a class="externalLink" href="https://www.apache.org/security/committers.html#vulnerability-handling">Vulnerability handling guide</a>
</p>
</div>
<div class="section">
<h2><a name="Reporting_New_Security_Problems"></a>Reporting New Security Problems</h2>
<p>
Please report any suspected security vulnerabilities to security@openmeetings.apache.org<br />
<br />
Please note: only security issues should be reported to this list.
</p>
</div>
<div class="section">
<h2><a name="CVE-2016-3089_-_Apache_OpenMeetings_XSS_in_SWF_panel"></a>CVE-2016-3089 - Apache OpenMeetings XSS in SWF panel</h2>
<p>Severity: Moderate</p>
<p>Vendor: The Apache Software Foundation</p>
<p>Versions Affected: Apache OpenMeetings 3.1.0</p>
<p>Description: The value of the URL's &quot;swf&quot; query parameter is interpolated into a JavaScript tag without
being escaped, leading to a reflected XSS.<br />
<a class="externalLink" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3089">CVE-2016-3089</a>
</p>
<p>All users are recommended to upgrade to Apache OpenMeetings 3.1.2</p>
<p>Credit: This issue was identified by Matthew Daley</p>
</div>
<div class="section">
<h2><a name="CVE-2016-0783_-_Predictable_password_reset_token"></a>CVE-2016-0783 - Predictable password reset token</h2>
<p>Severity: Critical</p>
<p>Vendor: The Apache Software Foundation</p>
<p>Versions Affected: Apache OpenMeetings 1.9.x - 3.1.0</p>
<p>Description: The external password reset function generates its reset token by concatenating the user
name with the current system time and hashing the result with MD5. The token is therefore highly predictable
and can be recovered in seconds by an attacker who knows the user name of an OpenMeetings
user.<br />
<a class="externalLink" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0783">CVE-2016-0783</a>
</p>
<p>All users are recommended to upgrade to Apache OpenMeetings 3.1.1</p>
<p>Credit: This issue was identified by Andreas Lindh</p>
</div>
<div class="section">
<h2><a name="CVE-2016-0784_-_ZIP_file_path_traversal"></a>CVE-2016-0784 - ZIP file path traversal</h2>
<p>Severity: Moderate</p>
<p>Vendor: The Apache Software Foundation</p>
<p>Versions Affected: Apache OpenMeetings 1.9.x - 3.1.0</p>
<p>Description: The Import/Export System Backups functionality in the OpenMeetings Administration menu
(http://domain:5080/openmeetings/#admin/backup) is vulnerable to path traversal via specially
crafted file names within ZIP archives. Uploading an archive containing a file named
../../../public/hello.txt will write the file &#x201c;hello.txt&#x201d; to the http://domain:5080/openmeetings/public/
directory. This could be used to, for example, overwrite the /usr/bin/convert file (or any other third-party
integrated executable) with a shell script, which would be executed the next time an image file
is uploaded and ImageMagick is invoked.<br />
<a class="externalLink" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0784">CVE-2016-0784</a>
</p>
<p>All users are recommended to upgrade to Apache OpenMeetings 3.1.1</p>
<p>Credit: This issue was identified by Andreas Lindh</p>
</div>
<div class="section">
<h2><a name="CVE-2016-2163_-_Stored_Cross_Site_Scripting_in_Event_description"></a>CVE-2016-2163 - Stored Cross Site Scripting in Event description</h2>
<p>Severity: Moderate</p>
<p>Vendor: The Apache Software Foundation</p>
<p>Versions Affected: Apache OpenMeetings 1.9.x - 3.0.7</p>
<p>Description: When creating an event, it is possible to create clickable URL links in the event description. These
links are present inside the event details once a participant enters the room via the event. It is
possible to create a link such as &quot;javascript:alert('xss')&quot;, which is executed once the link is clicked. As
the link is placed within an &lt;a&gt; tag, the actual link target is not visible to the end user, which makes it hard
to tell whether the link is legitimate.<br />
<a class="externalLink" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2163">CVE-2016-2163</a>
</p>
<p>All users are recommended to upgrade to Apache OpenMeetings 3.1.1</p>
<p>Credit: This issue was identified by Andreas Lindh</p>
</div>
<div class="section">
<h2><a name="CVE-2016-2164_-_Arbitrary_file_read_via_SOAP_API"></a>CVE-2016-2164 - Arbitrary file read via SOAP API</h2>
<p>Severity: Critical</p>
<p>Vendor: The Apache Software Foundation</p>
<p>Versions Affected: Apache OpenMeetings 1.9.x - 3.0.7</p>
<p>Description: When attempting to upload a file via the API using the importFileByInternalUserId or importFile
methods in the FileService, it is possible to read arbitrary files from the system. This is because
Java's URL class is used without checking which protocol handler is specified in the API call.<br />
<a class="externalLink" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2164">CVE-2016-2164</a>
</p>
<p>All users are recommended to upgrade to Apache OpenMeetings 3.1.1</p>
<p>Credit: This issue was identified by Andreas Lindh</p>
</div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2016
<a href="http://apache.org">Apache Software Foundation</a>.
All rights reserved.
</p>
</div>
</div>
</footer>
</body>
</html>