Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. Possible nginx LDAP security flaw

Possible nginx LDAP security flaw

Scheduled Pinned Locked Moved Solved Support
securitynginx
3 Posts 3 Posters 416 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J Offline
    J Offline
    jk
    wrote on last edited by girish
    #1

    Hi,

    I just came across these two posts:

    • https://github.com/AgainstTheWest/NginxDay
    • https://www.nginx.com/blog/addressing-security-weaknesses-nginx-ldap-reference-implementation/

    Apparently, there is a flaw in the nginx-ldap-auth module.

    I know that Cloudron uses nginx a lot, and LDAP as well, so I wanted to make you aware of this.

    I lack the knowledge to determine whether Cloudron is vulnerable.

    Could you please investigate and remediate if necessary?

    Thanks!

    BrutalBirdieB 1 Reply Last reply
    3
    • BrutalBirdieB Offline
      BrutalBirdieB Offline
      BrutalBirdie Partner
      replied to jk on last edited by
      #2

      pinging @staff

      Like my work? Consider donating a drink. Cheers!

      1 Reply Last reply
      1
      • nebulonN Offline
        nebulonN Offline
        nebulon Staff
        wrote on last edited by
        #3

        Thanks for the info, but we do not use this module, so we are all good.

        1 Reply Last reply
        2
        • nebulonN nebulon marked this topic as a question on
        • nebulonN nebulon has marked this topic as solved on

        • Login
        • Don't have an account? Register
        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Bookmarks
        • Search