Anonymous | Login | 2024-11-22 23:28 EST |
Main | My View | View Issues | Change Log | Roadmap |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | Project | Category | View Status | Date Submitted | Last Update | |||
0001209 | PacketFence | web admin | public | 2011-04-15 09:44 | 2011-10-25 09:01 | |||
Reporter | obilodeau | |||||||
Assigned To | obilodeau | |||||||
Priority | normal | Severity | minor | Reproducibility | random | |||
Status | closed | Resolution | fixed | |||||
Platform | OS | OS Version | ||||||
Product Version | ||||||||
Target Version | 2.2.0 | Fixed in Version | 2.2.0 | |||||
Summary | 0001209: problematic password validation | |||||||
Description | Password validation on the Web UI is sketchy. There's an arbitrary length and a regexp validation on the first character that seems unnecessary for a password field never intended to be displayed (no XSS). Passwords like !12345 currently fails. Get rid of the validation. | |||||||
Tags | No tags attached. | |||||||
fixed in git revision | ||||||||
fixed in mtn revision | 61d19ed0e299247522c5a47138a25445bcdc7ac1 | |||||||
Attached Files | ||||||||
Relationships | ||||||
|
Notes | |
(0002028) obilodeau (reporter) 2011-04-15 09:44 |
Turns out passwords should be validated at least against nulls since ldap_bind with a null value does an anonymous bind. |
Issue History | |||
Date Modified | Username | Field | Change |
2011-04-15 09:44 | obilodeau | New Issue | |
2011-04-15 09:44 | obilodeau | Status | new => assigned |
2011-04-15 09:44 | obilodeau | Assigned To | => obilodeau |
2011-04-15 09:44 | obilodeau | Note Added: 0002028 | |
2011-04-15 09:55 | obilodeau | mtn revision | => 61d19ed0e299247522c5a47138a25445bcdc7ac1 |
2011-04-15 09:55 | obilodeau | Status | assigned => resolved |
2011-04-15 09:55 | obilodeau | Fixed in Version | => +1 |
2011-04-15 09:55 | obilodeau | Resolution | open => fixed |
2011-05-04 11:32 | obilodeau | Fixed in Version | +1 => 2.2.0 |
2011-05-04 11:40 | obilodeau | Status | resolved => closed |
2011-10-12 15:07 | obilodeau | Relationship added | related to 0001293 |
2011-10-25 09:01 | obilodeau | Target Version | +1 => 2.2.0 |
Copyright © 2000 - 2012 MantisBT Group |