Uploaded image for project: 'Kopano Groupware Core'
  1. Kopano Groupware Core
  2. KC-1108

server: slowness when named property erroneously exists multiple times

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 8.5.6, 8.6.1
    • Component/s: None
    • Security Level: Public
    • Labels:
      None
    • Environment:
      KC 8.4, KC 8.5

      Description

      Assigned ID: CVE-2018-8950

      Products affected

      • kopano-server/libkcserver component of Kopano Groupware Core, 8.6.0, 8.5.0–8.5.5, and 8.4.0–8.4.6

      Summary

      There were insufficient uniqueness constraints on one table's indexes. A local user could cause kopano-server to insert copies of a preexisting SQL row's data. When the data would later be retrieved again, the reader would get back all those extra pointless rows, which takes that much extra time (and, in some quantity, also memory) to process.

      Observed in the real world: "names" table with 543K entries (about 2100 unique) leads to a delay of 3.7s when asking for `kopano-admin --details someuser` on Opteron 6180SE.

      Trigger/attack vector

      • Authenticated users may connect to kopano-server over its RPC transport (port 236, 237, and/or Unix pipe) and issue the getIDsFromNames RPC, asking for the same property.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                jengelhardt Jan Engelhardt
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: