Security fix: unauthorized access (#10091)

* Security fix: unauthorized access
Affects nginx users:
Moved PHP files outside of the public html directory (Apache installs were already protected by .htaccess; nginx served them directly)

Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input

* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
Tony Murray
2019-04-11 23:26:42 -05:00
committed by GitHub
parent b81af32ed2
commit 36431dd296
1301 changed files with 1443 additions and 1439 deletions


@@ -0,0 +1,32 @@
<?php
/*
* LibreNMS front page graphs
*
* Author: Paul Gear
* Copyright (c) 2013 Gear Consulting Pty Ltd <http://libertysys.com.au/>
*
* This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version. Please see LICENSE.txt at the top level of
* the source code distribution for details.
*/
echo '
<div class="cycle-slideshow"
data-cycle-fx="fade"
data-cycle-timeout="10000"
data-cycle-slides="> div"
style="clear: both">
';
foreach (get_matching_files($config['html_dir'].'/includes/front/', '/^top_.*\.php$/') as $file) {
if (($file == 'top_ports.inc.php' && $config['top_ports'] == 0) || ($file == 'top_device_bits.inc.php' && $config['top_devices'] == 0)) {
} else {
echo "<div class=box>\n";
include_once $file;
echo "</div>\n";
}
}
echo "</div>\n";
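Review bot: The directory scanned on the `foreach` line is still `$config['html_dir'].'/includes/front/'`, yet the commit description says `html/includes/` was moved to `includes/html/`; if the `top_*.inc.php` snippets moved with it this glob will match nothing and the front page silently renders an empty slideshow, so confirm the path against the new layout (presumably `$config['install_dir'].'/includes/html/front/'`). The equality tests against bare names such as `'top_ports.inc.php'` suggest `get_matching_files` returns basenames, in which case `include_once $file;` resolves through include_path/cwd rather than the directory that was just scanned — safer to include the joined path, e.g. `include_once $config['html_dir'].'/includes/front/'.$file;`, so only files from the scanned directory can ever be included. The empty `if` body followed by an `else` reads better inverted as a guard: `if (($file == 'top_ports.inc.php' && $config['top_ports'] == 0) || ($file == 'top_device_bits.inc.php' && $config['top_devices'] == 0)) { continue; }`. Note also that `== 0` is a loose comparison, so an unset `$config['top_ports']` (null) also disables the panel; if that is intended, a short comment saying so would save the next reader a trip to the config docs.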


@@ -0,0 +1,62 @@
<?php
/*
* LibreNMS front page top devices graph
* - Find most utilised devices that have been polled in the last N minutes
*
* Author: Paul Gear
* Copyright (c) 2013 Gear Consulting Pty Ltd <http://libertysys.com.au/>
*
* This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version. Please see LICENSE.txt at the top level of
* the source code distribution for details.
*/
use LibreNMS\Authentication\LegacyAuth;
$minutes = 15;
$seconds = ($minutes * 60);
$top = $config['front_page_settings']['top']['devices'];
if (LegacyAuth::user()->hasGlobalRead()) {
$query = "
SELECT *, sum(p.ifInOctets_rate + p.ifOutOctets_rate) as total
FROM ports as p, devices as d
WHERE d.device_id = p.device_id
AND unix_timestamp() - p.poll_time < $seconds
AND ( p.ifInOctets_rate > 0
OR p.ifOutOctets_rate > 0 )
GROUP BY d.device_id
ORDER BY total desc
LIMIT $top
";
} else {
$query = "
SELECT *, sum(p.ifInOctets_rate + p.ifOutOctets_rate) as total
FROM ports as p, devices as d, `devices_perms` AS `P`
WHERE `P`.`user_id` = ? AND `P`.`device_id` = `d`.`device_id` AND
d.device_id = p.device_id
AND unix_timestamp() - p.poll_time < $seconds
AND ( p.ifInOctets_rate > 0
OR p.ifOutOctets_rate > 0 )
GROUP BY d.device_id
ORDER BY total desc
LIMIT $top
";
$param[] = array(LegacyAuth::id());
}//end if
echo "<strong>Top $top devices (last $minutes minutes)</strong>\n";
echo "<table class='simple'>\n";
foreach (dbFetchRows($query, $param) as $result) {
echo '<tr class=top10>'.'<td class=top10>'.generate_device_link($result, shorthost($result['hostname'])).'</td>'.'<td class=top10>'.generate_device_link(
$result,
generate_minigraph_image($result, $config['time']['day'], $config['time']['now'], 'device_bits', 'no', 150, 21, '&', 'top10'),
array(),
0,
0,
0
).'</td>'."</tr>\n";
}
echo "</table>\n";
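Review bot: `$param` is assigned only in the non-global branch (`$param[] = array(LegacyAuth::id());`) and never initialised, so for a user with global read `dbFetchRows($query, $param)` receives an undefined variable; add `$param = array();` above the `if`. The `$param[]` form also wraps the id one level deep, giving `array(array($id))` — confirm that is the shape dbFetchRows binds, otherwise `$param = array(LegacyAuth::id());` is what the single `?` placeholder needs. Both queries interpolate `$top` straight into `LIMIT $top`; it comes from config rather than the request, but casting once with `$top = (int) $config['front_page_settings']['top']['devices'];` costs nothing and guarantees the only interpolated values in the SQL are integers. Under MySQL's `ONLY_FULL_GROUP_BY` the `SELECT *` combined with `GROUP BY d.device_id` is likely to be rejected, so the columns actually rendered (`hostname` and the device fields `generate_device_link` reads) may need to be listed explicitly.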


@@ -0,0 +1,58 @@
<?php
/*
* LibreNMS front page top ports graph
* - Find most utilised ports that have been polled in the last N minutes
*
* Author: Paul Gear
* Copyright (c) 2013 Gear Consulting Pty Ltd <http://libertysys.com.au/>
*
* This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or (at your
* option) any later version. Please see LICENSE.txt at the top level of
* the source code distribution for details.
*/
use LibreNMS\Authentication\LegacyAuth;
$minutes = 15;
$seconds = ($minutes * 60);
$top = $config['front_page_settings']['top']['ports'];
if (LegacyAuth::user()->hasGlobalRead()) {
$query = "
SELECT *, p.ifInOctets_rate + p.ifOutOctets_rate as total
FROM ports as p, devices as d
WHERE d.device_id = p.device_id
AND unix_timestamp() - p.poll_time < $seconds
AND ( p.ifInOctets_rate > 0
OR p.ifOutOctets_rate > 0 )
ORDER BY total desc
LIMIT $top
";
} else {
$query = "
SELECT *, I.ifInOctets_rate + I.ifOutOctets_rate as total
FROM ports as I, devices as d,
`devices_perms` AS `P`, `ports_perms` AS `PP`
WHERE ((`P`.`user_id` = ? AND `P`.`device_id` = `d`.`device_id`) OR (`PP`.`user_id` = ? AND `PP`.`port_id` = `I`.`port_id` AND `I`.`device_id` = `d`.`device_id`)) AND
d.device_id = I.device_id
AND unix_timestamp() - I.poll_time < $seconds
AND ( I.ifInOctets_rate > 0
OR I.ifOutOctets_rate > 0 )
ORDER BY total desc
LIMIT $top
";
$param[] = array(
LegacyAuth::id(),
LegacyAuth::id(),
);
}//end if
echo "<strong>Top $top ports (last $minutes minutes)</strong>\n";
echo "<table class='simple'>\n";
foreach (dbFetchRows($query, $param) as $result) {
$result = cleanPort($result);
echo '<tr class=top10>'.'<td class=top10>'.generate_device_link($result, shorthost($result['hostname'])).'</td>'.'<td class=top10>'.generate_port_link($result).'</td>'.'<td class=top10>'.generate_port_link($result, generate_port_thumbnail($result)).'</td>'."</tr>\n";
}
echo "</table>\n";
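Review bot: The non-global query in the `else` branch lists `devices_perms` and `ports_perms` as a cross product and ORs the two permission tests, with no `DISTINCT` or `GROUP BY`; a user granted a device through `devices_perms` should therefore get one result row per row in `ports_perms` (duplicates that consume `LIMIT $top`), and if either table is empty the product is empty and the panel shows nothing even for permitted ports. Rewriting the permission lookup as two `LEFT JOIN`s keyed on the user, as below, yields at most one row per port (assuming `(user_id, device_id)` / `(user_id, port_id)` are unique in those tables — worth confirming) and keeps both placeholders. As in the devices snippet, `$param` is uninitialised on the global-read path and `$top` should be cast with `(int)` before it is interpolated into `LIMIT`.
```php
    $query = "
        SELECT I.*, d.*, I.ifInOctets_rate + I.ifOutOctets_rate as total
        FROM ports as I
        JOIN devices as d ON d.device_id = I.device_id
        LEFT JOIN `devices_perms` AS `P` ON `P`.`device_id` = `d`.`device_id` AND `P`.`user_id` = ?
        LEFT JOIN `ports_perms` AS `PP` ON `PP`.`port_id` = `I`.`port_id` AND `PP`.`user_id` = ?
        WHERE (`P`.`user_id` IS NOT NULL OR `PP`.`user_id` IS NOT NULL)
        AND unix_timestamp() - I.poll_time < $seconds
        AND ( I.ifInOctets_rate > 0
        OR I.ifOutOctets_rate > 0 )
        ORDER BY total desc
        LIMIT $top
    ";
    // … unchanged: $param assignment and rendering loop …
```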