Ticket #4233 (closed defect: duplicate)
HTTP 500 when trying to log in.
| Reported by: | marc@… | Owned by: | jamor@… |
|---|---|---|---|
| Milestone: | 2.2.X | Component: | usercorner |
| Severity: | normal | Keywords: | dos, username, 500, critical error |
| Cc: |
Description
It is possible to crash the usercorner service by simply logging in.
How to reproduce:
1) Visit the usercorner login page
2) enter a valid username and add a space at the end of it (like a copy&paste style error)
3) enter your valid password
The workaround to get your usercorner back is to flush the files in the sids directory located @ /var/lib/zentyal-usercorner/sids/.
I didn't tested every aspect of this problem since I discovered it on a production server. I just stoped by for reporting this loophole.
Done using 10.04, 10.10 and ICS workspaces.
Attachments
Change History
comment:2 Changed 14 months ago by jamor@…
- Status changed from accepted to closed
- Resolution set to duplicate
Hello Marc,
I think this is the same issue than #3442 . Try the fix explained in http://trac.zentyal.org/ticket/3442#comment:14 .
In case you found that it is a different problem, please reopen and explain your findings.
Regards,
Javier
