Uploaded image for project: 'ReactOS Online Service'
  1. ReactOS Online Service
  2. ONLINE-386

JIRA bug please fix ASAP

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Fix Version/s: None
    • Component/s: JIRA
    • Labels:
      None

      Description

      "Recently published on the Command Five website is a technically detailed threat advisory (PDF) in relation to a recurring vulnerability in Atlassian Crowd. Tucked away inconspicuously at the end of this document in a section entitled 'Unpatched Vulnerabilities' is the real security bombshell: Atlassian's turnkey solution for enterprise single sign-on and secure user authentication contains an unpatched backdoor. The backdoor allows anyone to remotely take full control of a Crowd server and, according to Command Five, successful exploitation 'invariably' results in compromise of all application and user credentials as well as accessible data storage, configured directories (for example Active Directory), and dependent systems."

      http://it.slashdot.org/story/13/07/01/0011217/backdoor-discovered-in-atlassian-crowd

        Attachments

          Activity

            People

            • Assignee:
              AmineKhaldi AmineKhaldi
              Reporter:
              cruonit cruonit
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: