
github.com/nextcloud/nextcloud.com.git
author: Joas Schilling <coding@schilljs.com> 2020-07-15 10:09:17 +0300
committer: Joas Schilling <coding@schilljs.com> 2020-07-15 10:09:17 +0300
commit: d2e9a822e81226acd3d5dbad77e9f58abf3b15d2 (patch)
tree: f41bc23a61fe9666ff0c329bde76e74817895994 /advisories
parent: 265ca94bf3543e749c8945b1e5e19c8411177e1c (diff)
Add SA updates for July
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'advisories')
-rw-r--r--  advisories/advisories.rss     | 18
-rw-r--r--  advisories/full-list.php      | 30
-rw-r--r--  advisories/nc-sa-2020-023.php | 36
-rw-r--r--  advisories/nc-sa-2020-025.php |  2
-rw-r--r--  advisories/nc-sa-2020-026.php | 35
-rw-r--r--  advisories/nc-sa-2020-028.php | 34
6 files changed, 154 insertions, 1 deletions
diff --git a/advisories/advisories.rss b/advisories/advisories.rss
index 75eb86f9..11eb0159 100644
--- a/advisories/advisories.rss
+++ b/advisories/advisories.rss
@@ -5,6 +5,18 @@
<link>https://nextcloud.com/security/advisories/</link>
<description>The Nextcloud security advisories as a RSS feed</description>
<ttl>1800</ttl><item>
+ <title>Preferred providers: Possible denial of service when entering a long password (NC-SA-2020-028)</title>
+ <description>Improper check of inputs in Preferred providers app 1.6.0 allowed to perform a denial of service attack when using a very long password.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2020-028&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
+ <link>https://nextcloud.com/security/advisory/?id=nC-SA-2020-028</link>
+ <guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2020-028</guid>
+ <pubDate>Tue, 16 Jun 2020 14:00:00 +0200</pubDate>
+ </item><item>
+ <title>Server: Password of share by mail is not hashed when given on the create share call (NC-SA-2020-026)</title>
+ <description>A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2020-026&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
+ <link>https://nextcloud.com/security/advisory/?id=nC-SA-2020-026</link>
+ <guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2020-026</guid>
+ <pubDate>Thu, 04 Jun 2020 14:00:00 +0200</pubDate>
+ </item><item>
<title>Deck App: Missing permission check on resharing a board (NC-SA-2020-025)</title>
<description>Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2020-025&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
<link>https://nextcloud.com/security/advisory/?id=nC-SA-2020-025</link>
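Review bot: the new `<item>` entries are spliced into the feed by advisory number rather than by `pubDate`, so NC-SA-2020-028 (16 Jun) is followed by NC-SA-2020-026 (04 Jun) here, while NC-SA-2020-023 (also 04 Jun) lands in the second hunk after an April entry; feed readers that keep document order will show a non-chronological list, so either insert each item at its date position or generate the feed from the same data as full-list.php. Two smaller points: the `<link>` and `<guid>` values use the lowercase `nC-SA-2020-028` form while full-list.php links to `NC-SA-2020-028`, which is only safe if the advisory lookup compares ids case-insensitively (the existing NC-SA-2020-025 entry has the same mismatch, so this is a pre-existing pattern rather than a regression); and the NC-SA-2020-028 description "allowed to perform a denial of service attack when using a very long password" should read "allowed a denial-of-service attack by submitting a very long password".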
@@ -17,6 +29,12 @@
<guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2020-024</guid>
<pubDate>Thu, 16 Apr 2020 14:00:00 +0200</pubDate>
</item><item>
+ <title>Server: Increase random used for encryption (NC-SA-2020-023)</title>
+ <description>A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2020-023&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
+ <link>https://nextcloud.com/security/advisory/?id=nC-SA-2020-023</link>
+ <guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2020-023</guid>
+ <pubDate>Thu, 04 Jun 2020 14:00:00 +0200</pubDate>
+ </item><item>
<title>Deck App: Improper access control allows injecting tasks into other users decks (NC-SA-2020-022)</title>
<description>Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2020-022&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
<link>https://nextcloud.com/security/advisory/?id=nC-SA-2020-022</link>
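Review bot: the NC-SA-2020-023 item carries a `pubDate` of 04 Jun 2020 but is inserted directly after NC-SA-2020-024 (16 Apr 2020), so it sits out of date order in the feed; it belongs next to the other 04 Jun entry in the first hunk. The title "Increase random used for encryption" also names the fix rather than the weakness, whereas every other title in this feed describes the flaw ("Missing permission check ...", "Improper access control ..."); a title of the form "Insufficient randomness used for encryption" would be consistent, and the description "A too small set of random characters being used for encryption" reads better as "Too small a set of random characters used for encryption".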
diff --git a/advisories/full-list.php b/advisories/full-list.php
index 671f8baf..584d4d19 100644
--- a/advisories/full-list.php
+++ b/advisories/full-list.php
@@ -2,6 +2,36 @@
<h2>2020</h2>
+<h3>Preferred providers 1.7.0</h3>
+<ul>
+ <li><a href="/security/advisory/?id=NC-SA-2020-028">Possible denial of service when entering a long password (NC-SA-2020-028)</a> 2020-06-16</li>
+</ul>
+
+<h3>Nextcloud Server 19.0.1</h3>
+<ul>
+ <li><a href="/security/advisory/?id=NC-SA-2020-026">Password of share by mail is not hashed when given on the create share call (NC-SA-2020-026)</a> 2020-06-04</li>
+</ul>
+
+<h3>Nextcloud Server 18.0.6</h3>
+<ul>
+ <li><a href="/security/advisory/?id=NC-SA-2020-026">Password of share by mail is not hashed when given on the create share call (NC-SA-2020-026)</a> 2020-06-04</li>
+</ul>
+
+<h3>Nextcloud Server 19.0.0</h3>
+<ul>
+ <li><a href="/security/advisory/?id=NC-SA-2020-023">Increase random used for encryption (NC-SA-2020-023)</a> 2020-06-04</li>
+</ul>
+
+<h3>Nextcloud Server 18.0.5</h3>
+<ul>
+ <li><a href="/security/advisory/?id=NC-SA-2020-023">Increase random used for encryption (NC-SA-2020-023)</a> 2020-06-04</li>
+</ul>
+
+<h3>Nextcloud Server 17.0.7</h3>
+<ul>
+ <li><a href="/security/advisory/?id=NC-SA-2020-023">Increase random used for encryption (NC-SA-2020-023)</a> 2020-06-04</li>
+</ul>
+
<h3>Deck App 1.0.1</h3>
<ul>
<li><a href="/security/advisory/?id=NC-SA-2020-022">Improper access control allows injecting tasks into other users decks (NC-SA-2020-022)</a> 2020-05-15</li>
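Review bot: the three identical entries for NC-SA-2020-023 under "Nextcloud Server 19.0.0", "18.0.5" and "17.0.7" (and the two for NC-SA-2020-026) follow the file's existing one-heading-per-fixed-release layout, but the effect is that "Nextcloud Server 19.0.0" appears below "Nextcloud Server 19.0.1" and "18.0.6", which reads oddly; a single heading per advisory listing all fixed releases, as the advisory page itself does, would be clearer. Also check that the date suffix "2020-06-04" and the fixed versions match the advisory file for NC-SA-2020-023, which lists exactly 19.0.0, 18.0.5 and 17.0.7, so this hunk is consistent with it.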
diff --git a/advisories/nc-sa-2020-023.php b/advisories/nc-sa-2020-023.php
new file mode 100644
index 00000000..17385eef
--- /dev/null
+++ b/advisories/nc-sa-2020-023.php
@@ -0,0 +1,36 @@
+<div class="row page-content-header">
+<div class="col-md-12">
+ <h1>Security Advisory</h1>
+ <a href="/security/advisories/">Back to advisories</a>
+</div>
+</div>
+<div class="row">
+ <div class="col-md-12">
+ <h2>Increase random used for encryption (NC-SA-2020-023)</h2>
+ <p>4th June 2020</p>
+ <p>Risk level: <strong>Low</strong></p>
+ <p>CVSS v3 Base Score: 2.2 (<a href="https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N">AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N</a>)</p>
+ <p>CWE: <a href="https://cwe.mitre.org/data/definitions/310.html">Cryptographic Issues - Generic (CWE-310)</a></p>
+ <p>HackerOne report: <a href="https://hackerone.com/reports/852841">852841</a></p>
+ <h3>Description</h3>
+ <p>A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended.</p>
+ <h3>Affected Software</h3>
+ <ul>
+ <li>Nextcloud Server &lt; <strong>19.0.0</strong> (CVE-2020-8173)</li>
+<li>Nextcloud Server &lt; <strong>18.0.5</strong> (CVE-2020-8173)</li>
+<li>Nextcloud Server &lt; <strong>17.0.7</strong> (CVE-2020-8173)</li>
+
+ </ul>
+ <h3>Action Taken</h3>
+ <p>The error has been fixed.</p>
+ <h3>Resolution</h3>
+ <p>It is recommended that the Nextcloud Server is upgraded to 19.0.0.</p>
+ <h3>Acknowledgements</h3>
+ <p>The Nextcloud team thanks the following people for their research and responsible disclosure of the above advisory:</p>
+ <ul>
+ <li>Lynn Stephenson - Vulnerability discovery and disclosure.</li>
+ </ul>
+ <br/>
+ <small style="color:grey">This advisory is licensed <a href="https://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA 4.0</a>.</small>
+ </div>
+</div>
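Review bot: the Resolution paragraph recommends upgrading to 19.0.0 only, but the Affected Software list marks 18.0.5 and 17.0.7 as fixed releases as well; it should read "upgraded to 19.0.0, 18.0.5 or 17.0.7" so that administrators on the 18 and 17 branches are not told to jump a major version. Likewise the Description names only 18.0.4 while the list says every Server release before 17.0.7 is affected; state the affected range rather than one version. Minor: the indentation of the three `<li>` lines is inconsistent and the empty line before `</ul>` looks like template residue.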
diff --git a/advisories/nc-sa-2020-025.php b/advisories/nc-sa-2020-025.php
index 668ed7e7..5b0b5fa6 100644
--- a/advisories/nc-sa-2020-025.php
+++ b/advisories/nc-sa-2020-025.php
@@ -26,7 +26,7 @@
<h3>Acknowledgements</h3>
<p>The Nextcloud team thanks the following people for their research and responsible disclosure of the above advisory:</p>
<ul>
- <li><a href="https://www.clarifiedsecurity.com/silvia-vali/" target="_blank" rel="noreferrer">Silvia Väli (silvia@clarifiedsecurity.com) - Vulnerability discovery and disclosure.</a></li>
+ <li><a href="https://www.clarifiedsecurity.com/silvia-vali/" target="_blank" rel="noreferrer">Silvia Väli - Clarified Security (silvia@clarifiedsecurity.com) - Vulnerability discovery and disclosure.</a></li>
</ul>
<br/>
<small style="color:grey">This advisory is licensed <a href="https://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA 4.0</a>.</small>
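Review bot: the `<a>` element wraps the entire acknowledgement, so after this change the employer, the e-mail address and the role text "Vulnerability discovery and disclosure." all become part of the link to the researcher's profile page; wrap only the name (and optionally the company) in the anchor and leave " (silvia@clarifiedsecurity.com) - Vulnerability discovery and disclosure." as plain text, which also matches how the non-linked acknowledgements in the other advisory files are formatted.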
diff --git a/advisories/nc-sa-2020-026.php b/advisories/nc-sa-2020-026.php
new file mode 100644
index 00000000..bff9040e
--- /dev/null
+++ b/advisories/nc-sa-2020-026.php
@@ -0,0 +1,35 @@
+<div class="row page-content-header">
+<div class="col-md-12">
+ <h1>Security Advisory</h1>
+ <a href="/security/advisories/">Back to advisories</a>
+</div>
+</div>
+<div class="row">
+ <div class="col-md-12">
+ <h2>Password of share by mail is not hashed when given on the create share call (NC-SA-2020-026)</h2>
+ <p>4th June 2020</p>
+ <p>Risk level: <strong>Low</strong></p>
+ <p>CVSS v3 Base Score: 5 (<a href="https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L">AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L</a>)</p>
+ <p>CWE: <a href="https://cwe.mitre.org/data/definitions/256.html">Plaintext Storage of a Password (CWE-256)</a></p>
+ <p>HackerOne report: <a href="https://hackerone.com/reports/885041">885041</a></p>
+ <h3>Description</h3>
+ <p>A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call.</p>
+ <h3>Affected Software</h3>
+ <ul>
+ <li>Nextcloud Server &lt; <strong>19.0.1</strong> (CVE-2020-8183)</li>
+<li>Nextcloud Server &lt; <strong>18.0.6</strong> (CVE-2020-8183)</li>
+
+ </ul>
+ <h3>Action Taken</h3>
+ <p>The error has been fixed.</p>
+ <h3>Resolution</h3>
+ <p>It is recommended that the Nextcloud Server is upgraded to 19.0.1.</p>
+ <h3>Acknowledgements</h3>
+ <p>The Nextcloud team thanks the following people for their research and responsible disclosure of the above advisory:</p>
+ <ul>
+ <li><a href="https://nextcloud.com/" target="_blank" rel="noreferrer"> - Nextcloud GmbH - Vulnerability discovery and disclosure.</a></li>
+ </ul>
+ <br/>
+ <small style="color:grey">This advisory is licensed <a href="https://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA 4.0</a>.</small>
+ </div>
+</div>
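Review bot: the acknowledgement `<li>` starts with " - Nextcloud GmbH", i.e. an empty name before the separator; either the researcher's name is missing from the template data or the leading " - " should be dropped so the entry reads "Nextcloud GmbH - Vulnerability discovery and disclosure." The Resolution recommends only 19.0.1 although 18.0.6 is listed as a fixed release, and the Description names 19.0.0 while the Affected Software list covers 18.x too; state both fixed versions and the full affected range. Finally, a CVSS v3 base score of 5.0 falls in the Medium band of the FIRST qualitative scale (4.0 to 6.9), so "Risk level: Low" is a project assessment rather than the CVSS mapping; if the two are meant to differ, a short rationale would help readers.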
diff --git a/advisories/nc-sa-2020-028.php b/advisories/nc-sa-2020-028.php
new file mode 100644
index 00000000..2b5def57
--- /dev/null
+++ b/advisories/nc-sa-2020-028.php
@@ -0,0 +1,34 @@
+<div class="row page-content-header">
+<div class="col-md-12">
+ <h1>Security Advisory</h1>
+ <a href="/security/advisories/">Back to advisories</a>
+</div>
+</div>
+<div class="row">
+ <div class="col-md-12">
+ <h2>Possible denial of service when entering a long password (NC-SA-2020-028)</h2>
+ <p>16th June 2020</p>
+ <p>Risk level: <strong>Low</strong></p>
+ <p>CVSS v3 Base Score: 5.3 (<a href="https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L">AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</a>)</p>
+ <p>CWE: <a href="https://cwe.mitre.org/data/definitions/307.html">Brute Force (CWE-307)</a></p>
+ <p>HackerOne report: <a href="https://hackerone.com/reports/840598">840598</a></p>
+ <h3>Description</h3>
+ <p>Improper check of inputs in Preferred providers app 1.6.0 allowed to perform a denial of service attack when using a very long password.</p>
+ <h3>Affected Software</h3>
+ <ul>
+ <li>Nextcloud Preferred_providers &lt; <strong>1.7.0</strong> (CVE-2020-8202)</li>
+
+ </ul>
+ <h3>Action Taken</h3>
+ <p>The error has been fixed.</p>
+ <h3>Resolution</h3>
+ <p>It is recommended that the Preferred providers app is upgraded to 1.7.0.</p>
+ <h3>Acknowledgements</h3>
+ <p>The Nextcloud team thanks the following people for their research and responsible disclosure of the above advisory:</p>
+ <ul>
+ <li>Abhishek Raj (araj07810@gmail.com) - Vulnerability discovery and disclosure.</li>
+ </ul>
+ <br/>
+ <small style="color:grey">This advisory is licensed <a href="https://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA 4.0</a>.</small>
+ </div>
+</div>
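Review bot: the CWE link points at CWE-307 (Improper Restriction of Excessive Authentication Attempts, labelled "Brute Force" here), which does not describe a denial of service caused by an unchecked password length; CWE-400 (Uncontrolled Resource Consumption) or CWE-20 (Improper Input Validation) matches the "Improper check of inputs" description. The Affected Software entry calls the app "Preferred_providers" while the title, Description and Resolution say "Preferred providers"; use one name. The Description should read "allowed a denial-of-service attack by submitting a very long password", and as in the other new files the `<li>` indentation and the empty line before `</ul>` look like template residue.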