ZABBIX BUGS AND ISSUES

Lack of permission checks in Frontend.

Details

  • Type: Bug
  • Status: Closed
  • Priority: Minor
  • Resolution: Fixed
  • Affects Version/s: 2.0.4, 2.1.0
  • Fix Version/s: 2.0.4rc1, 2.1.0
  • Component/s: Frontend (F)
  • Labels: None
  • Zabbix ID: RTF

Description

It is possible to open many pages with an incorrect ID and see undefined indexes or no data. Instead, a correct error message must be shown. Code must be similar to:
$myIds = get_request('myid');
if (empty($myIds)) {
    access_deny();
}

Affected pages:
Administration->General->Icon mapping
Administration->General->Images
Administration->General->Value mapping
Administration->General->Regular expressions
Administration->MediaTypes
.. and others
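As an added example (not Zabbix's own code) of the pattern the description asks for, and of the later review points that ID validation must also cover delete and GO mass actions and sit at the top of the script: every requested ID is validated, checked against the rows the user may see, and access_deny() is called before any action runs. The in-memory table, fetchVisibleIds() and the throwing access_deny() stand-in are assumptions, not the frontend's real DB layer.

```php
<?php
// Added example, not Zabbix code: validate every requested ID, then deny before acting.
// Covers a single form/delete ID and the "shows[]" list used by GO mass actions.
// Constructed stand-in for the slideshows table: slideshowid => name.
$slideshows = [1 => 'Overview', 2 => 'Network', 3 => 'Servers'];

// Hypothetical stand-in for access_deny(): the real one shows an error page and
// stops the script; this one throws so the caller can observe the outcome.
function access_deny(): void {
    throw new RuntimeException('Access denied');
}

// Input validation first: every ID must be a positive integer.
function requestedIds(array $request): array {
    $ids = isset($request['slideshowid']) ? [$request['slideshowid']] : [];
    if (isset($request['shows'])) {
        $ids = array_merge($ids, (array) $request['shows']);
    }
    foreach ($ids as $id) {
        if (!is_scalar($id) || !ctype_digit((string) $id) || (int) $id === 0) {
            access_deny();
        }
    }
    return array_map('intval', $ids);
}

// Stand-in for a DB query scoped to what the current user may see.
function fetchVisibleIds(array $table, array $ids): array {
    return array_values(array_filter($ids, fn($id) => isset($table[$id])));
}

// Permission check at the top of the script, after input validation and before any
// action: one unknown or inaccessible ID denies the whole request.
function checkPermissions(array $table, array $request): array {
    $ids = requestedIds($request);
    if ($ids === []) {
        return [];   // plain list page, nothing to check
    }
    $visible = fetchVisibleIds($table, $ids);
    if (count($visible) !== count($ids)) {
        access_deny();
    }
    return $visible;
}

// A valid form open, a delete with an unknown slideshowid, and a GO delete mixing
// a known and an unknown ID; only the first one gets past the check.
foreach ([['slideshowid' => '2'], ['delete' => '1', 'form' => 'update', 'slideshowid' => '2000000'],
          ['shows' => ['1', '1000000'], 'go' => 'delete']] as $req) {
    try { echo json_encode(checkPermissions($slideshows, $req)), "\n"; }
    catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
}
```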

Activity

Oleg Egorov added a comment (edited)

Fixed error after deleting an image:
Undefined index: name [adm.images.php:114]
when the page is refreshed after the delete.

Oleg Egorov added a comment (edited)

Affected pages:
...
Administration->General->Users
Administration->General->Users groups
Administration->General->Media types
Administration->General->DM
Administration->Configuration->Discovery
Administration->Configuration->Slide shows
Administration->Configuration->Web
Administration->Configuration->Maintenance
Administration->Configuration->Host->Applications

Oleg Egorov RESOLVED IN svn://svn.zabbix.com/branches/dev/ZBX-5700 r30942

Eduards Samersovs added a comment (edited)

(1) ID validation is also required on delete. For example, in slide shows, if we manually open the URL "slideconf.php?delete=1&form=update&slideshowid=2000000&sid=45b2c4a742fe312a" with an incorrect slideshowid, nothing happens, but it must be an access_deny() error.

Oleg Egorov RESOLVED

Eduards Samersovs added a comment (edited)

(2) Please move the permission checks to the top of the PHP script (after input parameter validation).

Oleg Egorov RESOLVED IN svn://svn.zabbix.com/branches/dev/ZBX-5700 r31013

Oleg Egorov added a comment

Fixed duplicates in audit log after deleting

Oleg Egorov added a comment

Fixed problem with spaces in audit log

Eduards Samersovs added a comment (edited)

(3) Please use get_slideshow_by_slideshowid() in slideconf.php at line 66.

Oleg Egorov RESOLVED
Eduards Samersovs CLOSED

Eduards Samersovs added a comment (edited)

(4) It's still possible to call the page with incorrect IDs through GO methods, for example in slide shows: slideconf.php?shows=1000000&go=delete&sid=45b2c4a742fe312a

Oleg Egorov RESOLVED
Eduards Samersovs CLOSED

Eduards Samersovs added a comment (edited)

(5) Please rename the variable $db_proxy (in proxies.php) to $dbProxies, because we use "Java style" for variables, and with an "s" because it returns multiple rows. The same goes for other pages too.

Oleg Egorov RESOLVED
Eduards Samersovs CLOSED, perfect!

Eduards Samersovs added a comment (edited)

(6) If you see old unformatted code, feel free to fix it, for example in adm.images.php line 46.
incorrect:
$db_image = DBfetch(DBselect('SELECT i.imagetype,i.name FROM images i WHERE i.imageid = '.get_request('imageid')));
correct:
$dbImage = DBfetch(DBselect('SELECT i.imagetype,i.name FROM images i WHERE i.imageid='.get_request('imageid')));

Oleg Egorov RESOLVED
Eduards Samersovs CLOSED

Eduards Samersovs added a comment (edited)

This issue must also fix ZBX-4185 and ZBX-4186. They need to be re-tested.

Oleg Egorov RESOLVED IN svn://svn.zabbix.com/branches/dev/ZBX-5700 r31070
Eduards Samersovs CLOSED

Eduards Samersovs added a comment (edited)

(7) I suggest optimizing the permission check on GO, as we discussed.

Oleg Egorov RESOLVED IN r31080
Eduards Samersovs CLOSED, Perfect!

Eduards Samersovs added a comment

Tested!

Oleg Egorov added a comment

FIXED IN 2.0.4rc1 r31084, 2.1.0(trunk) r31085
CLOSED
