On 02/21/2011 06:02 AM, Ansgar Burchardt wrote:
> Package: dtc-common
> Version: 0.29.17-1
> Severity: grave
> Tags: upstream security
>
> dtc sends the password of new users to the webmaster:
>
> $mail_content = "
> Somebody tried to register an account. Here is the details of
> the new user:
>
> login: ".$_REQUEST["reqadm_login"]."
> pass: ".$_REQUEST["reqadm_pass"]."
> [...]
> mail($conf_webmaster_email_addr, "$conf_message_subject_header Somebody
> tried to register an account", $mail_content, $headers);
>
> (from client/new_account_form.php)
>
> This mail is not encrypted.

Most of the time, the receiving server would be the same server receiving the email. If that's not the case, then the admin is free to set up encryption (and maybe auth) between the 2 SMTP servers.

> I also don't see any reason why the
> webmaster should even know the password...

The reason is very simple: anti-fraud. Many times, you see the same hacker registering with the same password, and it helps detect it. Also, you want the admin to see the weakest password to be able to do a bit of policing.

This deserves a "wishlist" security at most!!!

Thomas

--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
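As an added example (not dtc's code, and not part of either message above), here is one way the notification in client/new_account_form.php could keep the anti-fraud and weak-password goals Thomas describes without ever mailing the cleartext password: the mail carries a strength label instead of the password, reuse against recent registrations is checked at registration time with the hashes, and only a salted hash is stored. It assumes PHP 7 or later, the `$conf_*` and `$headers` variables from the report, and a `$recent_hashes` array; the `dtc_*` function names are made up here.

```php
<?php
// Added example, not dtc's own code. Hardened replacement for the
// notification mail quoted in the bug report: the webmaster learns the
// login, the source address and a coarse strength label, never the password.

// Coarse strength label so the admin can still police weak passwords.
function dtc_password_strength_label(string $pass): string {
    $classes = preg_match('/[a-z]/', $pass) + preg_match('/[A-Z]/', $pass)
             + preg_match('/[0-9]/', $pass) + preg_match('/[^a-zA-Z0-9]/', $pass);
    if (strlen($pass) < 8 || $classes < 2) {
        return 'weak';
    }
    if (strlen($pass) < 12 || $classes < 3) {
        return 'medium';
    }
    return 'strong';
}

// Reuse check for the anti-fraud case: at registration the cleartext is
// available, so it can be verified against the salted hashes of recent
// sign-ups without anyone storing or mailing it. Cost is one bcrypt
// verify per stored hash, so keep $recent_hashes to a short window.
function dtc_password_reused(string $pass, array $recent_hashes): bool {
    foreach ($recent_hashes as $hash) {
        if (password_verify($pass, $hash)) {
            return true;
        }
    }
    return false;
}

// Build the mail body; newlines are stripped from the login so each
// field of the notification stays on its own line.
function dtc_new_account_mail_content(array $request, string $remote_addr,
                                      array $recent_hashes): string {
    $login = preg_replace('/[\r\n]/', '', $request['reqadm_login'] ?? '');
    $pass  = $request['reqadm_pass'] ?? '';
    return "\nSomebody tried to register an account. Here are the details of\n"
         . "the new user:\n\n"
         . "login: " . $login . "\n"
         . "password strength: " . dtc_password_strength_label($pass) . "\n"
         . "password seen in recent registrations: "
         . (dtc_password_reused($pass, $recent_hashes) ? 'yes' : 'no') . "\n"
         . "from: " . $remote_addr . "\n";
}

// Store only a salted hash (assumed $recent_hashes is refilled from storage).
$stored_hash  = password_hash($_REQUEST['reqadm_pass'] ?? '', PASSWORD_DEFAULT);
$mail_content = dtc_new_account_mail_content($_REQUEST,
                    $_SERVER['REMOTE_ADDR'] ?? '', $recent_hashes);
mail($conf_webmaster_email_addr,
     "$conf_message_subject_header Somebody tried to register an account",
     $mail_content, $headers);
```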