Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • release/202005
  • release/202001
  • release/201912
  • release/201911
  • release/releaseWindowsTestOne
  • release/windowsReleaseTest
  • release/releaseTest
  • release/releaseWindowsTest
  • release/201910
  • release/qt/201910
  • release/windows-test/201910
  • release/201908
  • release/201906
  • release/201905
  • release/201904
  • release/201903
  • release/201902
  • release/201901
  • release/201812
  • 4.0.0
  • 2.2.0
  • 2.1.0
  • 2.0.1
  • 2.0.0
  • 1.4.1
  • 1.4.0
  • 1.3.0
  • 1.2.0
  • 1.1.0
30 results

configure.ac

Blame
    • Sébastien Le Stum's avatar
      569d44b5
      src: hooks: remove urlhook feature · 569d44b5
      Sébastien Le Stum authored and Sébastien Blin's avatar Sébastien Blin committed
      This feature is mostly a relicate from SFLPhone and introduced a remote
      attack vector abusing the system() function weaknesses.
      
      Provided that "sipEnabled" parameter is on in the remote target's
      configuration, a malicious peer calling that remote target could
      send SIP messages with a crafted "X-ring-url" string in order to
      execute arbitrary shell commands on the target.
      
      Header entry "X-ring-url" content is actually consumed by UrlHook
      as arguments for the "x-www-browser" command executed using system().
      
      By adding a shell escape sequence to circumvent existing arguments
      sanitizing attempts, the malicious peer could execute any shell command
      under remote peer user's identity and access sensitive information
      available using its privileges.
      
      Remove that feature altogether and enforce users that are relying on
      that feature to migrate to Jami "plugins", which are more suitable
      for introducing custom Jami behaviors.
      
      Change-Id: I1d6d07771e2b5a7c7f2cb8fc838821106c0a6708
      569d44b5
      History
      src: hooks: remove urlhook feature
      Sébastien Le Stum authored and Sébastien Blin's avatar Sébastien Blin committed
      This feature is mostly a relicate from SFLPhone and introduced a remote
      attack vector abusing the system() function weaknesses.
      
      Provided that "sipEnabled" parameter is on in the remote target's
      configuration, a malicious peer calling that remote target could
      send SIP messages with a crafted "X-ring-url" string in order to
      execute arbitrary shell commands on the target.
      
      Header entry "X-ring-url" content is actually consumed by UrlHook
      as arguments for the "x-www-browser" command executed using system().
      
      By adding a shell escape sequence to circumvent existing arguments
      sanitizing attempts, the malicious peer could execute any shell command
      under remote peer user's identity and access sensitive information
      available using its privileges.
      
      Remove that feature altogether and enforce users that are relying on
      that feature to migrate to Jami "plugins", which are more suitable
      for introducing custom Jami behaviors.
      
      Change-Id: I1d6d07771e2b5a7c7f2cb8fc838821106c0a6708
    Code owners
    Assign users and groups as approvers for specific file changes. Learn more.