5737: DOS loop attack vulnerability in sources/http.php

ID	Project	Category	View Status	Date Submitted	Last Update

5737	Composr	core	public	2024-04-26 02:29	2024-04-26 16:27

Reporter	PDStig	Assigned To	PDStig
Priority	normal	Severity	Security-hole
Status	resolved	Resolution	fixed
Product Version	11.alpha2

Summary	5737: DOS loop attack vulnerability in sources/http.php
Description	The file sources/http.php had a DOS loop attack prevention mechanism that was ineffective, leaving the HttpDownloader vulnerable to DOS loop attacks. The mechanism was to set the internal ua to Composr-recurse so that if the user agent ever came back as such, HttpDownloader would exit. However, Composr-recurse was being set on an unused local variable instead of the class' actual user agent (ua) variable. This made the prevention ineffective. The git commit commented below contains a hotfix.
Tags	No tags attached.
Attach Tags	(Separate by ",")

Time estimation (hours)
Sponsorship open

Date Added	Member	Amount Sponsored

Date Modified	Username	Field	Change
2024-04-26 02:29	PDStig	New Issue
2024-04-26 02:29	PDStig	Status	Not Assigned => Assigned
2024-04-26 02:29	PDStig	Assigned To	=> user4172
2024-04-26 02:30	PDStig	Note Added: 0008688
2024-04-26 02:30	PDStig	Status	Assigned => Resolved
2024-04-26 02:30	PDStig	Resolution	open => fixed
2024-04-26 02:43	PDStig	Note Added: 0008689

PDStig 2024-04-26 02:30 administrator ~8688	Fixed in git commit https://gitlab.com/composr-foundation/composr/-/commit/4a5223f827098ec126701fa900c8e5ce4669e4da

PDStig 2024-04-26 02:43 administrator ~8689	This issue does NOT affect v10.