webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,958 Commits 2 Branches 1 Tag
0effbb3569624f42550310689aaf94d726cd9d0e
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Peter Müller 0effbb3569 fix WebUI system information leak 
Disable unauthenticated access to cgi-bin/credits.cgi. The page
leaks the currently installed version of IPFire and the hardware
architecture.

Both information might make a successful attack much easier.

This issue can be reproduced by accessing https://[IPFire-IP]:444/cgi-bin/credits.cgi
and accepting a SSL certificate warning (if any).

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2017-09-04 12:25:23 +01:00
config
fix WebUI system information leak
2017-09-04 12:25:23 +01:00
doc
index.cgi: Show WiFi properties on front page
2017-05-16 16:02:25 +02:00
html
WIO: patch log.dat to show wio logs
2017-08-15 11:45:51 +01:00
langs
update german translations
2017-09-04 12:25:01 +01:00
lfs
strongswan: Update to 5.6.0
2017-08-23 20:03:21 +01:00
src
unbound: flush negative and bogus at update forwarders
2017-08-30 19:00:40 +02:00
tools
make-functions: move MAKETUNING before make
2017-07-08 15:31:15 +02:00
.gitignore
Buildsystem: generate image md5sums.
2011-01-01 11:40:19 +01:00
.mailmap
Add .mailmap.
2010-01-22 11:37:55 +01:00
make.sh
close core113
2017-08-18 00:28:47 +02:00
Description
No description provided
101 MiB
Languages
Perl 70.4%
Shell 23%
C 4%
Python 0.6%
Makefile 0.5%
Other 1.4%