Elog 2.9.0 buffer overflow crash bug ubuntu linux, posted by John Rouillard on Sun Apr 10 01:49:01 2011
|
When running openvas (a nessus fork) against elog 2.9.0 I provoked the following crash:
Apr 9 17:32:06 unixland elogd[1300]: POST / HTTP/1.0#015#012Host: unixland.home
#015#012Content-Length: -800#015#012#015#012XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Apr 9 17:32:06 unixland kernel: [664894.491242] elogd[1300]: segfault at b7713d
2e ip 080b6956 sp bf8d5ea0 error 4 in elogd[8048000+96000]
openvas reports that it was testing for CVE-2002-1212 when the crash occurred.
Startup info:
Apr 9 19:35:54 unixland elogd[21584]: elogd 2.9.0 built Apr 9 2011, 17:49:08
Apr 9 19:35:54 unixland elogd[21584]: revision 2411
-- rouilj |
Re: Elog 2.9.0 buffer overflow crash bug ubuntu linux, posted by Stefan Ritt on Fri Apr 15 08:49:26 2011
|
> When running openvas (a nessus fork) against elog 2.9.0 I provoked the following crash:
>
> Apr 9 17:32:06 unixland elogd[1300]: POST / HTTP/1.0#015#012Host: unixland.home
> #015#012Content-Length: -800#015#012#015#012XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>
> Apr 9 17:32:06 unixland kernel: [664894.491242] elogd[1300]: segfault at b7713d
> 2e ip 080b6956 sp bf8d5ea0 error 4 in elogd[8048000+96000]
>
> openvas reports that it was testing for CVE-2002-1212 when the crash occurred.
>
> Startup info:
>
> Apr 9 19:35:54 unixland elogd[21584]: elogd 2.9.0 built Apr 9 2011, 17:49:08
> Apr 9 19:35:54 unixland elogd[21584]: revision 2411
>
> -- rouilj
I haven't tried openvas, but added a check for the negative content-length you have in the request
above in SVN revision 2413. Can you try if it still crashes?
- Stefan |
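A strict length parser rejects a value like the `Content-Length: -800` in the logged request before any buffer is sized or read. This is an added example, not elogd's code and not the change made in SVN revision 2413; `parse_content_length`, `request_body_length`, `has_prefix_ci` and the `MAX_BODY` cap are hypothetical names, and the sample request is constructed from the log line quoted above.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_BODY ((size_t)10 * 1024 * 1024) /* assumed cap, not an elogd setting */

/* Strict Content-Length parser: decimal digits only, no sign, bounded by
 * max_len. Returns 0 and sets *out on success, -1 on a bad value. */
static int parse_content_length(const char *v, size_t max_len, size_t *out)
{
    size_t n = 0;
    while (*v == ' ' || *v == '\t') v++;           /* optional whitespace */
    if (!isdigit((unsigned char)*v)) return -1;    /* "-800", "+5", "" */
    for (; isdigit((unsigned char)*v); v++) {
        size_t d = (size_t)(*v - '0');
        if (d > max_len || n > (max_len - d) / 10) /* n*10+d > max_len */
            return -1;
        n = n * 10 + d;
    }
    while (*v == ' ' || *v == '\t') v++;
    if (*v != '\0' && *v != '\r') return -1;       /* trailing junk */
    *out = n;
    return 0;
}

/* Case-insensitive prefix match; header names are not case-sensitive. */
static int has_prefix_ci(const char *s, const char *p)
{
    for (; *p; s++, p++)
        if (tolower((unsigned char)*s) != tolower((unsigned char)*p)) return 0;
    return 1;
}

/* Find the first Content-Length header before the blank line and validate
 * it. Returns 0 with *out = 0 if absent, -1 if malformed or incomplete. */
static int request_body_length(const char *req, size_t max_len, size_t *out)
{
    const char *end = strstr(req, "\r\n\r\n"), *line = req;
    *out = 0;
    if (!end) return -1;
    while (line < end) {
        if (has_prefix_ci(line, "Content-Length:"))
            return parse_content_length(line + 15, max_len, out);
        line = strstr(line, "\r\n") + 2;  /* a CRLF exists at or before end */
    }
    return 0;
}

int main(void)
{
    /* Constructed request mirroring the logged one. */
    const char *bad = "POST / HTTP/1.0\r\nHost: unixland.home\r\n"
                      "Content-Length: -800\r\n\r\nXXXX";
    size_t len = 0;
    int rc = request_body_length(bad, MAX_BODY, &len);
    printf("Content-Length: -800 -> %s\n", rc ? "rejected" : "accepted");
    return 0;
}
```

Keeping the length in an unsigned `size_t` that is only ever built from digits means a negative number can never reach a later size comparison or copy.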
Authentication error message, posted by soren poulsen on Tue Mar 15 17:37:19 2011
|
It is very good to have Kerberos authentication available. It is just the error message which is a bit cryptic.
If you enter your Kerberos password once, and later fail to authenticate with a wrong password, you get:
Kerberos error:
Decrypt integrity check failed.
Please check your Kerberos configuration
That is not really urgent!
Soren
|
Re: Authentication error message, posted by Stefan Ritt on Fri Apr 1 16:13:44 2011
|
soren poulsen wrote: |
It is very good to have Kerberos authentication available. It is just the error message which is a bit cryptic.
If you enter your Kerberos password once, and later fail to authenticate with a wrong password, you get:
Kerberos error:
Decrypt integrity check failed.
Please check your Kerberos configuration
That is not really urgent!
Soren
|
Can you tell me how to reproduce this? If I do it here, I just get back to the login page:

Maybe it has to do with your specific Kerberos implementation? What server are you using?
|
Re: Authentication error message, posted by soren poulsen on Mon Apr 11 19:31:23 2011
|
Stefan Ritt wrote: |
soren poulsen wrote: |
It is very good to have Kerberos authentication available. It is just the error message which is a bit cryptic.
If you enter your Kerberos password once, and later fail to authenticate with a wrong password, you get:
Kerberos error:
Decrypt integrity check failed.
Please check your Kerberos configuration
That is not really urgent!
Soren
|
Can you tell me how to reproduce this? If I do it here, I just get back to the login page:

Maybe it has to do with your specific Kerberos implementation? What server are you using?
|
I am sorry but I cannot reproduce this any more. It happened several times when I was testing different kinds of wrong user input to the authentication dialog but now there is no issue any longer. However, there have been other issues lately in this domain and it may be that the Kerberos installation has been patched by our automatic update installation.
Case closed! Thanks anyway for responding.
Soren |
Creating a form or table, posted by Terry Shuck on Thu Mar 24 16:37:55 2011
|
Is there a way to open a form or table when clicking on New rather than going to a text field? Thanks, TS!
|
Re: Creating a form or table, posted by Stefan Ritt on Fri Apr 1 10:45:17 2011
|
Terry Shuck wrote: |
Is there a way to open a form or table when clicking on New rather than going to a text field? Thanks, TS!
|
The HTML editor contains a table editor such as this:
Just click on the menu with the little table icon  |
Re: Creating a form or table, posted by Andreas Luedeke on Fri Apr 1 14:15:45 2011
|
Terry Shuck wrote: |
Is there a way to open a form or table when clicking on New rather than going to a text field? Thanks, TS!
|
Hi Terry,
it is not exactly clear to me what you want.
You can define many different types of attributes to an entry.
Like this logbook has "Icon", "Author", "Author Email", "Category", ...
That automatically creates a form for the input.
Or you can have some pre-filled text in the text area, like a pre-defined table.
E.g. with the following line:
Preset Text = input-form.html
Every new entry will now contain the content of the file input-form.html
which could be some table or list, ... |
Re: Creating a form or table, posted by Terry Shuck on Thu Apr 7 18:28:42 2011
|
Andreas Luedeke wrote: |
Terry Shuck wrote: |
Is there a way to open a form or table when clicking on New rather than going to a text field? Thanks, TS!
|
Hi Terry,
it is not exactly clear to me what you want.
You can define many different types of attributes to an entry.
Like this logbook has "Icon", "Author", "Author Email", "Category", ...
That automatically creates a form for the input.
Or you can have some pre-filled text in the text area, like a pre-defined table.
E.g. with the following line:
Preset Text = input-form.html
Every new entry will now contain the content of the file input-form.html
which could be some table or list, ...
|
Thank you very much for your replies Stefan and Andreas!
I've played with the Preset Text = input-form.html however when I open a new form it just has text in there stating "input-form.html". I feel like I'm missing a way for the Configuration to find my html file.
I feel like I am close but I'm missing one piece of data. Here is what I'd like to have, when I click "New" I'd like this table to be automatically inserted in the body.
Time | Town/Location | Shift Change Description | CRM 701 | Author | Receipt
Thanks again, Terry
|
Re: Creating a form or table, posted by Stefan Ritt on Fri Apr 8 15:31:50 2011
|
Terry Shuck wrote: |
Andreas Luedeke wrote: |
Terry Shuck wrote: |
Is there a way to open a form or table when clicking on New rather than going to a text field? Thanks, TS!
|
Hi Terry,
it is not exactly clear to me what you want.
You can define many different types of attributes to an entry.
Like this logbook has "Icon", "Author", "Author Email", "Category", ...
That automatically creates a form for the input.
Or you can have some pre-filled text in the text area, like a pre-defined table.
E.g. with the following line:
Preset Text = input-form.html
Every new entry will now contain the content of the file input-form.html
which could be some table or list, ...
|
Thank you very much for your replies Stefan and Andreas!
I've played with the Preset Text = input-form.html however when I open a new form it just has text in there stating "input-form.html". I feel like I'm missing a way for the Configuration to find my html file.
I feel like I am close but I'm missing one piece of data. Here is what I'd like to have, when I click "New" I'd like this table to be automatically inserted in the body.
Time | Town/Location | Shift Change Description | CRM 701 | Author | Receipt
Thanks again, Terry
|
If you see only the file name it means that elogd cannot find the file, it's probably in the wrong directory. Have you put it into the "logbooks" directory? Like c:\Program Files\ELOG\logbooks\ ? |
Re: Creating a form or table, posted by Terry Shuck on Mon Apr 11 17:31:21 2011
|
Stefan Ritt wrote: |
Terry Shuck wrote: |
Andreas Luedeke wrote: |
Terry Shuck wrote: |
Is there a way to open a form or table when clicking on New rather than going to a text field? Thanks, TS!
|
Hi Terry,
it is not exactly clear to me what you want.
You can define many different types of attributes to an entry.
Like this logbook has "Icon", "Author", "Author Email", "Category", ...
That automatically creates a form for the input.
Or you can have some pre-filled text in the text area, like a pre-defined table.
E.g. with the following line:
Preset Text = input-form.html
Every new entry will now contain the content of the file input-form.html
which could be some table or list, ...
|
Thank you very much for your replies Stefan and Andreas!
I've played with the Preset Text = input-form.html however when I open a new form it just has text in there stating "input-form.html". I feel like I'm missing a way for the Configuration to find my html file.
I feel like I am close but I'm missing one piece of data. Here is what I'd like to have, when I click "New" I'd like this table to be automatically inserted in the body.
Time | Town/Location | Shift Change Description | CRM 701 | Author | Receipt
Thanks again, Terry
|
If you see only the file name it means that elogd cannot find the file, it's probably in the wrong directory. Have you put it into the "logbooks" directory? Like c:\Program Files\ELOG\logbooks\ ?
|
Yes thanks Stefan! It is working now.
Thanks again! |
Mail are no longer sent from the logged in user in 2.9.0, posted by Olivier Callot on Wed Mar 23 10:01:01 2011
|
We upgraded to Elog 2.9.0-2402 and since then mails sent by Elog when posting an item are from the default account, not from the logged in user's mail address.
The configuration is, for the mail part :
Default Email From = Olivier.Callot@cern.ch
Use Email Subject = ELOG Computing Operations - $Subject ($Site - $System - $Production number)
Thanks for telling me which flag/option I have to set to restore the proper mail 'From:' field. |
Re: Mail are no longer sent from the logged in user in 2.9.0, posted by Stefan Ritt on Fri Apr 1 10:54:29 2011
|
Olivier Callot wrote: |
We upgraded to Elog 2.9.0-2402 and since then mails sent by Elog when posting an item are from the default account, not from the logged in user's mail address.
The configuration is, for the mail part :
Default Email From = Olivier.Callot@cern.ch
Use Email Subject = ELOG Computing Operations - $Subject ($Site - $System - $Production number)
Thanks for telling me which flag/option I have to set to restore the proper mail 'From:' field.
|
Thanks for reporting this bug. I have fixed it in SVN revision 2407. |
Why the password file can have several same username?, posted by Ma Qiumei on Wed Mar 30 10:46:58 2011
|
In the password file, I see the same username several times, such as:
<user>
<name>test</name>
<password encoding="SHA256">iXhH.</password>
<full_name>test me</full_name>
<last_logout>Tue Apr 14 14:12:44 2009</last_logout>
<last_activity>Wed May 19 09:39:32 2010</last_activity>
<email>maqm@ihep.ac.cn</email>
<email_notify/>
</user>
<user>
<name>test</name>
<password encoding="SHA256">iXhH.</password>
<full_name>test me</full_name>
<last_logout>0</last_logout>
<last_activity>0</last_activity>
<inactive>0</inactive>
<email>maqm@ihep.ac.cn</email>
<email_notify/>
</user>
<user>
<name>test</name>
<password encoding="SHA256">iXhH.</password>
<full_name>test me</full_name>
<last_logout>0</last_logout>
<last_activity>0</last_activity>
<inactive>0</inactive>
<email>maqm@ihep.ac.cn</email>
<email_notify/>
</user>
I don't know the reason why eLog can have the same username.
And what should I do to prevent these things from happening?
Thanks!
|
Re: Why the password file can have several same username?, posted by Stefan Ritt on Fri Apr 1 09:17:20 2011
|
Ma Qiumei wrote: |
I don't know the reason why eLog can have the same username.
And what should I do to prevent these things from happening?
|
Thanks for reporting that bug. It has been fixed in SVN revision 2404. |
Attributes for message workflow., posted by Ryan on Thu Mar 24 17:23:37 2011
|
I am attempting to setup an ECR (Engineering Change Review/Request) process in ELOG.
I have a logbook setup so that an original request is submitted with a status of "Approval Pending"
Options ECR Status = Approval Pending, Approved / In Progress, Completed / In QA, Closed
Once the entry is made, it is reviewed by several people who reply to the original entry and update the approval fields, adding any comments as a reply :
Options OPS Approval = Approved, Denied
Options ENG Approval = Approved, Denied
Options Director Approval = Approved, Denied
Once the final approval is obtained, they reply to the thread and update the ECR Status field to "Approved / In Progress"
This goes through our QA process, and is finally updated with "Closed"
The problem is, I would like to keep the historical data of when the status of these entries are made. For example, in the message thread, I can see that reply #4 changed the "Status" field to "Approved". However, I can not seem to find a way for this to work with quick filtering. The quick filter always filters on the first entry on a thread, and not the last.
The other option would be to change the status of the first entry, but that seems silly as I am using replies instead of edits.
Any ideas on how to implement this "Status" field into my workflow? I am even open to losing the historical "status" and being able to change all entries on the thread on reply. (i.e. Reply #4 changes "Status" to "Approved", and the system changed all entries in the thread to "Approved") |
Re: Attributes for message workflow., posted by Andreas Luedeke on Wed Mar 30 13:46:01 2011
|
Ryan wrote: |
[...] I am even open to losing the historical "status" and being able to change all entries on the thread on reply. (i.e. Reply #4 changes "Status" to "Approved", and the system changed all entries in the thread to "Approved")
|
One possibility is to use the new 2.9.0 feature "Propagate attributes = OPS Approval, ENG Approval, Director Approval"
A change in any of the three listed attributes would propagate to the corresponding fields of all former entries of the same thread.
So if someone creates a reply and changes "OPS Approval" to "Approved", the field "OPS Approval" of the original entry would go as well to "Approved".
I just happen to know about this feature because Stefan implemented it for me :-) |
Cleaning up attachments, posted by Louis de Leseleuc on Tue Mar 15 21:38:01 2011
|
I noticed a behavior that might be irritating.
After attaching/uploading files to an entry and before submitting it, one might press 'Back' or close the browser window.
This in effect cancels the entry and sends it into oblivion. HOWEVER the attachments and their thumbnail files remain on the server forever.
Would there be a way to either delete attachments after some time if they don't show up in an entry? Or some other magic trick with the browser? My logbook directories are already full of orphan files that I need to seek and destroy.
Also, any thoughts on automatically cleaning up a logbook directory when the damage is done?
Louis |
Re: Cleaning up attachments, posted by Stefan Ritt on Fri Mar 18 11:07:50 2011
|
Louis de Leseleuc wrote: |
I noticed a behavior that might be irritating.
After attaching/uploading files to an entry and before submitting it, one might press 'Back' or close the browser window.
This in effect cancels the entry and sends it into oblivion. HOWEVER the attachments and their thumbnail files remain on the server forever.
Would there be a way to either delete attachments after some time if they don't show up in an entry? Or some other magic trick with the browser? My logbook directories are already full of orphan files that I need to seek and destroy.
Also, any thoughts on automatically cleaning up a logbook directory when the damage is done?
Louis
|
Well, this is not so easy. When you leave the browser (via 'Back' or just by closing), it has no way to communicate with the elog server. I could put in some JavaScript, but if people switch off JavaScript there is no way. On the other hand it might be simple to write just a little shell script, which goes through all files on the server and checks if the file name occurs in some elog entry. This can probably be done with some combination of "find" and "grep", but I'm not a shell script expert. |
Re: Cleaning up attachments, posted by Louis de Leseleuc on Mon Mar 21 17:42:15 2011
|
Stefan Ritt wrote: |
Louis de Leseleuc wrote: |
I noticed a behavior that might be irritating.
After attaching/uploading files to an entry and before submitting it, one might press 'Back' or close the browser window.
This in effect cancels the entry and sends it into oblivion. HOWEVER the attachments and their thumbnail files remain on the server forever.
Would there be a way to either delete attachments after some time if they don't show up in an entry? Or some other magic trick with the browser? My logbook directories are already full of orphan files that I need to seek and destroy.
Also, any thoughts on automatically cleaning up a logbook directory when the damage is done?
Louis
|
Well, this is not so easy. When you leave the browser (via 'Back' or just by closing), it has no way to communicate with the elog server. I could put in some JavaScript, but if people switch off JavaScript there is no way. On the other hand it might be simple to write just a little shell script, which goes through all files on the server and checks if the file name occurs in some elog entry. This can probably be done with some combination of "find" and "grep", but I'm not a shell script expert.
|
How about this:
Whenever a new file is uploaded, it would first be stored in a temporary directory. When the entry gets submitted, the files would be moved to the logbook directory and the entry edited accordingly.
Any wrongfully stored file would remain in that temp dir. Starting/restarting the daemon would cleanup that directory. Seems like a simpler approach and does not involve scripting the browser. |
http://midas.psi.ch/elog/download/windows/ doesn't have the latest 2.90 release, posted by John Rouillard on Mon Mar 21 02:40:31 2011
|
It looks like the newest windows release of elog at
http://midas.psi.ch/elog/download/windows/ is 2.81.
elog281-1.exe 23-Dec-2010 11:42 3.1M
elog-latest.exe 23-Dec-2010 11:42 3.1M
Can you post the 2.90 release?
Thanks.
-- rouilj |
Re: http://midas.psi.ch/elog/download/windows/ doesn't have the latest 2.90 release, posted by Stefan Ritt on Mon Mar 21 08:53:48 2011
|
> It looks like the newest windows release of elog at
> http://midas.psi.ch/elog/download/windows/ is 2.81.
>
> elog281-1.exe 23-Dec-2010 11:42 3.1M
> elog-latest.exe 23-Dec-2010 11:42 3.1M
>
> Can you post the 2.90 release?
>
> Thanks.
>
> -- rouilj
Yepp, done. I somehow overlooked it.
- Stefan |