pfSense Support Subscription

Author Topic: Fundamental security flaw?  (Read 2343 times)

0 Members and 1 Guest are viewing this topic.

Offline rcfa

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +4/-0
    • View Profile
Fundamental security flaw?
« on: May 06, 2016, 01:33:16 am »
I use my pfSense unit mostly as a router. I need to keep open ssh and web configurator access over the internet, and I pass just about all traffic through, letting pfSense to some sanitizing, but mostly dealing with the firewall aspects elsewhere (mostly because IPSec snatches most traffic before it can be properly handled by the firewall rules anyway.)

My passwords are non-trivial, so a regular brut force dictionary attack should not be successful.

That said, it’s now the second time already that instead of the web configurator, I end up getting an nginx error page, and ssh-ing into the system, I find a (partially?) installed nginx server installed on the unit. I assume that’s not part of pfSense, which last I checked uses lighttp, right?

Last time this happened, I re-installed, restored the config, and all was fine. Except now it’s happening again, and I can’t go through this spiel at random intervals, especially while I might not even be on location.

Which brings me to the second issue: chances are, once there’s a power cycle or something like it, I’ll lose control of the unit, since I’m currently traveling.
Is there a way to trigger not a partial system update, but more or less a complete re-install (aka full download and package reinstallation) from the command line (to which I still have access), so whatever changes these hackers made are overwritten, and I have a system that will handle a reboot?

I already moved the nginx files out of the way…

The larger question is of course: regardless of how the firewall is configured, without password nobody should be getting in, and especially nobody should be able to install software.

Offline fragged

  • Sr. Member
  • ****
  • Posts: 402
  • Karma: +27/-1
    • View Profile
Re: Fundamental security flaw?
« Reply #1 on: May 06, 2016, 01:43:57 am »
pfSense > 2.3 uses nginx.

Changed the GUI and Captive Portal web server to nginx; removed lighttpd. #5719

Offline rcfa

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +4/-0
    • View Profile
Re: Fundamental security flaw?
« Reply #2 on: May 06, 2016, 01:53:57 am »
pfSense > 2.3 uses nginx.

Changed the GUI and Captive Portal web server to nginx; removed lighttpd. #5719

OK, guess I’ll move the files back, in that case.

Now what would result in me getting a “bad gateway” nginx error page?

Just looked a bit too much like how the hackers left my system back then (and I still have no clue how they got in back then…)

Offline cmb

  • Hero Member
  • *****
  • Posts: 11230
  • Karma: +893/-7
    • View Profile
    • Chris Buechler
Re: Fundamental security flaw?
« Reply #3 on: May 06, 2016, 02:08:57 am »
The GUI is nginx. A gateway error would be php-fpm not returning/stuck for some reason. The output of 'ps auwwx' while nginx is returning 504 or any gateway-related error would help determine why it's happening. Option 16 at the console will recover.

Offline rcfa

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +4/-0
    • View Profile
Re: Fundamental security flaw?
« Reply #4 on: May 07, 2016, 08:10:47 am »
The restarting of the backend put things back into action. No idea what went wrong… Given that this happened after a period of inactivity, it’s likely not the result of some interaction with the system, other than potentially by a hacker.

The Notices section only shows the previously reported occasional complaint about the IPSec macro not being defined, which usually go along with corresponding crashes.

Not sure if any of that helps:

Code: [Select]
Crash report begins.  Anonymous machine information:

amd64
10.3-RELEASE-p2
FreeBSD 10.3-RELEASE-p2 #47 070f476(RELENG_2_3): Wed May  4 20:17:51 CDT 2016     root@ce23-amd64-builder:/builder/pfsense/tmp/obj/builder/pfsense/tmp/FreeBSD-src/sys/pfSense

Crash report details:

PHP Errors:
[05-May-2016 04:06:03 Etc/UTC] PHP Stack trace:
[05-May-2016 04:06:03 Etc/UTC] PHP   1. {main}() /usr/local/www/ifstats.php:0
[05-May-2016 04:06:03 Etc/UTC] PHP   2. require_once() /usr/local/www/ifstats.php:63
[05-May-2016 04:06:03 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[05-May-2016 04:16:15 Etc/UTC] PHP Stack trace:
[05-May-2016 04:16:15 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/gateways.widget.php:0
[05-May-2016 04:16:15 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/gateways.widget.php:62
[05-May-2016 04:16:15 Etc/UTC] PHP   3. require_once() /usr/local/www/guiconfig.inc:79
[05-May-2016 04:16:15 Etc/UTC] PHP   4. session_auth() /etc/inc/authgui.inc:62
[05-May-2016 04:16:15 Etc/UTC] PHP   5. session_start() /etc/inc/auth.inc:1598
[05-May-2016 04:25:24 Etc/UTC] PHP Stack trace:
[05-May-2016 04:25:24 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[05-May-2016 04:25:24 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[05-May-2016 04:25:24 Etc/UTC] PHP   3. filter_generate_optcfg_array() /etc/inc/filter.inc:277
[05-May-2016 04:25:24 Etc/UTC] PHP   4. get_configured_interface_with_descr() /etc/inc/filter.inc:1107
[05-May-2016 04:25:24 Etc/UTC] PHP Stack trace:
[05-May-2016 04:25:24 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[05-May-2016 04:25:24 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[05-May-2016 04:25:24 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[05-May-2016 04:25:24 Etc/UTC] PHP   4. return_gateways_array() /etc/inc/filter.inc:880
[05-May-2016 04:25:24 Etc/UTC] PHP   5. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[05-May-2016 04:25:24 Etc/UTC] PHP Stack trace:
[05-May-2016 04:25:24 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[05-May-2016 04:25:24 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[05-May-2016 04:25:24 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[05-May-2016 04:25:24 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[05-May-2016 04:25:24 Etc/UTC] PHP   5. return_gateways_status() /etc/inc/gwlb.inc:891
[05-May-2016 04:25:24 Etc/UTC] PHP   6. return_gateways_array() /etc/inc/gwlb.inc:418
[05-May-2016 04:25:24 Etc/UTC] PHP   7. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[05-May-2016 04:25:24 Etc/UTC] PHP Stack trace:
[05-May-2016 04:25:24 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[05-May-2016 04:25:24 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[05-May-2016 04:25:24 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[05-May-2016 04:25:24 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[05-May-2016 04:25:24 Etc/UTC] PHP   5. return_gateways_status() /etc/inc/gwlb.inc:891
[05-May-2016 04:25:24 Etc/UTC] PHP   6. get_dpinger_status() /etc/inc/gwlb.inc:421
[05-May-2016 04:25:24 Etc/UTC] PHP   7. return_gateways_array() /etc/inc/gwlb.inc:369
[05-May-2016 04:25:24 Etc/UTC] PHP   8. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[05-May-2016 04:25:24 Etc/UTC] PHP Stack trace:
[05-May-2016 04:25:24 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[05-May-2016 04:25:24 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[05-May-2016 04:25:24 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[05-May-2016 04:25:24 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[05-May-2016 04:25:24 Etc/UTC] PHP   5. return_gateways_status() /etc/inc/gwlb.inc:891
[05-May-2016 04:25:24 Etc/UTC] PHP   6. get_dpinger_status() /etc/inc/gwlb.inc:421
[05-May-2016 04:25:24 Etc/UTC] PHP   7. return_gateways_array() /etc/inc/gwlb.inc:369
[05-May-2016 04:25:24 Etc/UTC] PHP   8. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[05-May-2016 04:25:24 Etc/UTC] PHP Stack trace:
[05-May-2016 04:25:24 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[05-May-2016 04:25:24 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[05-May-2016 04:25:24 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[05-May-2016 04:25:24 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[05-May-2016 04:25:24 Etc/UTC] PHP   5. return_gateways_status() /etc/inc/gwlb.inc:891
[05-May-2016 04:25:24 Etc/UTC] PHP   6. return_gateways_array() /etc/inc/gwlb.inc:444
[05-May-2016 04:25:24 Etc/UTC] PHP   7. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[05-May-2016 04:25:24 Etc/UTC] PHP Stack trace:
[05-May-2016 04:25:24 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[05-May-2016 04:25:24 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[05-May-2016 04:25:24 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[05-May-2016 04:25:24 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[05-May-2016 04:25:24 Etc/UTC] PHP   5. return_gateways_array() /etc/inc/gwlb.inc:892
[05-May-2016 04:25:24 Etc/UTC] PHP   6. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[05-May-2016 08:59:42 Etc/UTC] PHP Stack trace:
[05-May-2016 08:59:42 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/interface_statistics.widget.php:0
[05-May-2016 08:59:42 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/interface_statistics.widget.php:64
[05-May-2016 08:59:42 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[05-May-2016 08:59:42 Etc/UTC] PHP Stack trace:
[05-May-2016 08:59:42 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/interface_statistics.widget.php:0
[05-May-2016 08:59:42 Etc/UTC] PHP   2. get_configured_interface_with_descr() /usr/local/www/widgets/widgets/interface_statistics.widget.php:82
[05-May-2016 10:22:42 Etc/UTC] PHP Stack trace:
[05-May-2016 10:22:42 Etc/UTC] PHP   1. {main}() /usr/local/www/ifstats.php:0
[05-May-2016 10:22:42 Etc/UTC] PHP   2. require_once() /usr/local/www/ifstats.php:63
[05-May-2016 10:22:42 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[05-May-2016 11:53:43 Etc/UTC] PHP Stack trace:
[05-May-2016 11:53:43 Etc/UTC] PHP   1. {main}() /usr/local/www/ifstats.php:0
[05-May-2016 11:53:43 Etc/UTC] PHP   2. require_once() /usr/local/www/ifstats.php:63
[05-May-2016 11:53:43 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[05-May-2016 12:22:03 Etc/UTC] PHP Stack trace:
[05-May-2016 12:22:03 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/snort_alerts.widget.php:0
[05-May-2016 12:22:03 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/snort_alerts.widget.php:32
[05-May-2016 12:22:03 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[05-May-2016 13:32:50 Etc/UTC] PHP Stack trace:
[05-May-2016 13:32:50 Etc/UTC] PHP   1. {main}() /usr/local/www/ifstats.php:0
[05-May-2016 13:32:50 Etc/UTC] PHP   2. require_once() /usr/local/www/ifstats.php:63
[05-May-2016 13:32:50 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[05-May-2016 14:43:40 Etc/UTC] PHP Stack trace:
[05-May-2016 14:43:40 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/installed_packages.widget.php:0
[05-May-2016 14:43:40 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/installed_packages.widget.php:63
[05-May-2016 14:43:40 Etc/UTC] PHP   3. require_once() /usr/local/www/guiconfig.inc:79
[05-May-2016 14:43:40 Etc/UTC] PHP   4. session_auth() /etc/inc/authgui.inc:62
[05-May-2016 14:43:40 Etc/UTC] PHP   5. session_start() /etc/inc/auth.inc:1598
[05-May-2016 15:29:10 Etc/UTC] PHP Stack trace:
[05-May-2016 15:29:10 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/installed_packages.widget.php:0
[05-May-2016 15:29:10 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/installed_packages.widget.php:63
[05-May-2016 15:29:10 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[05-May-2016 15:33:13 Etc/UTC] PHP Stack trace:
[05-May-2016 15:33:13 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/ipsec.widget.php:0
[05-May-2016 15:33:13 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/ipsec.widget.php:64
[05-May-2016 15:33:13 Etc/UTC] PHP   3. require_once() /usr/local/www/guiconfig.inc:79
[05-May-2016 15:33:13 Etc/UTC] PHP   4. session_auth() /etc/inc/authgui.inc:62
[05-May-2016 15:33:13 Etc/UTC] PHP   5. session_start() /etc/inc/auth.inc:1598
[06-May-2016 07:03:44 Etc/UTC] PHP Stack trace:
[06-May-2016 07:03:44 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[06-May-2016 07:03:44 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[06-May-2016 07:03:44 Etc/UTC] PHP   3. filter_generate_optcfg_array() /etc/inc/filter.inc:277
[06-May-2016 07:03:44 Etc/UTC] PHP   4. get_configured_interface_with_descr() /etc/inc/filter.inc:1107
[06-May-2016 07:03:44 Etc/UTC] PHP Stack trace:
[06-May-2016 07:03:44 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[06-May-2016 07:03:44 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[06-May-2016 07:03:44 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[06-May-2016 07:03:44 Etc/UTC] PHP   4. return_gateways_array() /etc/inc/filter.inc:880
[06-May-2016 07:03:44 Etc/UTC] PHP   5. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:03:44 Etc/UTC] PHP Stack trace:
[06-May-2016 07:03:44 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[06-May-2016 07:03:44 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[06-May-2016 07:03:44 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[06-May-2016 07:03:44 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[06-May-2016 07:03:44 Etc/UTC] PHP   5. return_gateways_status() /etc/inc/gwlb.inc:891
[06-May-2016 07:03:44 Etc/UTC] PHP   6. return_gateways_array() /etc/inc/gwlb.inc:418
[06-May-2016 07:03:44 Etc/UTC] PHP   7. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:03:44 Etc/UTC] PHP Stack trace:
[06-May-2016 07:03:44 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[06-May-2016 07:03:44 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[06-May-2016 07:03:44 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[06-May-2016 07:03:44 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[06-May-2016 07:03:44 Etc/UTC] PHP   5. return_gateways_status() /etc/inc/gwlb.inc:891
[06-May-2016 07:03:44 Etc/UTC] PHP   6. get_dpinger_status() /etc/inc/gwlb.inc:421
[06-May-2016 07:03:44 Etc/UTC] PHP   7. return_gateways_array() /etc/inc/gwlb.inc:369
[06-May-2016 07:03:44 Etc/UTC] PHP   8. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:03:44 Etc/UTC] PHP Stack trace:
[06-May-2016 07:03:44 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[06-May-2016 07:03:44 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[06-May-2016 07:03:44 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[06-May-2016 07:03:44 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[06-May-2016 07:03:44 Etc/UTC] PHP   5. return_gateways_status() /etc/inc/gwlb.inc:891
[06-May-2016 07:03:44 Etc/UTC] PHP   6. get_dpinger_status() /etc/inc/gwlb.inc:421
[06-May-2016 07:03:44 Etc/UTC] PHP   7. return_gateways_array() /etc/inc/gwlb.inc:369
[06-May-2016 07:03:44 Etc/UTC] PHP   8. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:03:44 Etc/UTC] PHP Stack trace:
[06-May-2016 07:03:44 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[06-May-2016 07:03:44 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[06-May-2016 07:03:44 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[06-May-2016 07:03:44 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[06-May-2016 07:03:44 Etc/UTC] PHP   5. return_gateways_status() /etc/inc/gwlb.inc:891
[06-May-2016 07:03:44 Etc/UTC] PHP   6. return_gateways_array() /etc/inc/gwlb.inc:444
[06-May-2016 07:03:44 Etc/UTC] PHP   7. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:03:44 Etc/UTC] PHP Stack trace:
[06-May-2016 07:03:44 Etc/UTC] PHP   1. {main}() /etc/rc.filter_configure_sync:0
[06-May-2016 07:03:44 Etc/UTC] PHP   2. filter_configure_sync() /etc/rc.filter_configure_sync:37
[06-May-2016 07:03:44 Etc/UTC] PHP   3. filter_generate_gateways() /etc/inc/filter.inc:288
[06-May-2016 07:03:44 Etc/UTC] PHP   4. return_gateway_groups_array() /etc/inc/filter.inc:881
[06-May-2016 07:03:44 Etc/UTC] PHP   5. return_gateways_array() /etc/inc/gwlb.inc:892
[06-May-2016 07:03:44 Etc/UTC] PHP   6. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:04:47 Etc/UTC] PHP Stack trace:
[06-May-2016 07:04:47 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/ipsec.widget.php:0
[06-May-2016 07:04:47 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/ipsec.widget.php:64
[06-May-2016 07:04:47 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[06-May-2016 07:05:46 Etc/UTC] PHP Stack trace:
[06-May-2016 07:05:46 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/gateways.widget.php:0
[06-May-2016 07:05:46 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/gateways.widget.php:62
[06-May-2016 07:05:46 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[06-May-2016 07:05:46 Etc/UTC] PHP Stack trace:
[06-May-2016 07:05:46 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/gateways.widget.php:0
[06-May-2016 07:05:46 Etc/UTC] PHP   2. compose_table_body_contents() /usr/local/www/widgets/widgets/gateways.widget.php:69
[06-May-2016 07:05:46 Etc/UTC] PHP   3. return_gateways_array() /usr/local/www/widgets/widgets/gateways.widget.php:185
[06-May-2016 07:05:46 Etc/UTC] PHP   4. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:05:46 Etc/UTC] PHP Stack trace:
[06-May-2016 07:05:46 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/gateways.widget.php:0
[06-May-2016 07:05:46 Etc/UTC] PHP   2. compose_table_body_contents() /usr/local/www/widgets/widgets/gateways.widget.php:69
[06-May-2016 07:05:46 Etc/UTC] PHP   3. return_gateways_status() /usr/local/www/widgets/widgets/gateways.widget.php:187
[06-May-2016 07:05:46 Etc/UTC] PHP   4. return_gateways_array() /etc/inc/gwlb.inc:418
[06-May-2016 07:05:46 Etc/UTC] PHP   5. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:05:46 Etc/UTC] PHP Stack trace:
[06-May-2016 07:05:46 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/gateways.widget.php:0
[06-May-2016 07:05:46 Etc/UTC] PHP   2. compose_table_body_contents() /usr/local/www/widgets/widgets/gateways.widget.php:69
[06-May-2016 07:05:46 Etc/UTC] PHP   3. return_gateways_status() /usr/local/www/widgets/widgets/gateways.widget.php:187
[06-May-2016 07:05:46 Etc/UTC] PHP   4. get_dpinger_status() /etc/inc/gwlb.inc:421
[06-May-2016 07:05:46 Etc/UTC] PHP   5. return_gateways_array() /etc/inc/gwlb.inc:369
[06-May-2016 07:05:46 Etc/UTC] PHP   6. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:05:46 Etc/UTC] PHP Stack trace:
[06-May-2016 07:05:46 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/gateways.widget.php:0
[06-May-2016 07:05:46 Etc/UTC] PHP   2. compose_table_body_contents() /usr/local/www/widgets/widgets/gateways.widget.php:69
[06-May-2016 07:05:46 Etc/UTC] PHP   3. return_gateways_status() /usr/local/www/widgets/widgets/gateways.widget.php:187
[06-May-2016 07:05:46 Etc/UTC] PHP   4. get_dpinger_status() /etc/inc/gwlb.inc:421
[06-May-2016 07:05:46 Etc/UTC] PHP   5. return_gateways_array() /etc/inc/gwlb.inc:369
[06-May-2016 07:05:46 Etc/UTC] PHP   6. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[06-May-2016 07:05:46 Etc/UTC] PHP Stack trace:
[06-May-2016 07:05:46 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/gateways.widget.php:0
[06-May-2016 07:05:46 Etc/UTC] PHP   2. compose_table_body_contents() /usr/local/www/widgets/widgets/gateways.widget.php:69
[06-May-2016 07:05:46 Etc/UTC] PHP   3. return_gateways_status() /usr/local/www/widgets/widgets/gateways.widget.php:187
[06-May-2016 07:05:46 Etc/UTC] PHP   4. return_gateways_array() /etc/inc/gwlb.inc:444
[06-May-2016 07:05:46 Etc/UTC] PHP   5. get_configured_interface_with_descr() /etc/inc/gwlb.inc:593
[07-May-2016 13:08:24 Etc/UTC] PHP Stack trace:
[07-May-2016 13:08:24 Etc/UTC] PHP   1. {main}() /usr/local/www/ifstats.php:0
[07-May-2016 13:08:24 Etc/UTC] PHP   2. require_once() /usr/local/www/ifstats.php:63
[07-May-2016 13:08:24 Etc/UTC] PHP   3. get_configured_interface_with_descr() /usr/local/www/guiconfig.inc:254
[07-May-2016 13:08:24 Etc/UTC] PHP Stack trace:
[07-May-2016 13:08:24 Etc/UTC] PHP   1. {main}() /usr/local/www/widgets/widgets/snort_alerts.widget.php:0
[07-May-2016 13:08:24 Etc/UTC] PHP   2. require_once() /usr/local/www/widgets/widgets/snort_alerts.widget.php:32
[07-May-2016 13:08:24 Etc/UTC] PHP   3. require_once() /usr/local/www/guiconfig.inc:79
[07-May-2016 13:08:24 Etc/UTC] PHP   4. session_auth() /etc/inc/authgui.inc:62
[07-May-2016 13:08:24 Etc/UTC] PHP   5. session_start() /etc/inc/auth.inc:1598

Offline JorgeOliveira

  • Full Member
  • ***
  • Posts: 153
  • Karma: +24/-1
  • May the Triforce be with you...
    • View Profile
Re: Fundamental security flaw?
« Reply #5 on: May 07, 2016, 12:47:13 pm »
Hi,

Your PHP error messages are incomplete due to a bug that was recently fixed.

Also some of those messages have striking similarity with those here:
forum.pfsense.org/index.php?topic=110698.0;all
by hitting the issue on get_configured_interface_with_descr()

I'd recommend a gitsync to the latest RELENG_2_3 version which contains the following fix:
https://github.com/pfsense/pfsense/pull/2922/files

And applying this, might help as well:
https://github.com/pfsense/pfsense/pull/2925/files

Do you have any packages installed?

Regards,
Jorge M. Oliveira
My views have absolutely no warranty express or implied. Always do your own research.

Offline cmb

  • Hero Member
  • *****
  • Posts: 11230
  • Karma: +893/-7
    • View Profile
    • Chris Buechler
Re: Fundamental security flaw?
« Reply #6 on: May 07, 2016, 04:55:43 pm »
Yes, not a security issue.

It sounds like missing some or all of the $config array, that's the symptom Jorge mentioned as well. In that case where $config['interfaces'] isn't an array (except it always is in the config).

Offline rcfa

  • Hero Member
  • *****
  • Posts: 731
  • Karma: +4/-0
    • View Profile
Re: Fundamental security flaw?
« Reply #7 on: May 10, 2016, 05:24:33 am »
Your PHP error messages are incomplete due to a bug that was recently fixed.

Also some of those messages have striking similarity with those here:
forum.pfsense.org/index.php?topic=110698.0;all
by hitting the issue on get_configured_interface_with_descr()

I'd recommend a gitsync to the latest RELENG_2_3 version which contains the following fix:
https://github.com/pfsense/pfsense/pull/2922/files

And applying this, might help as well:
https://github.com/pfsense/pfsense/pull/2925/files

Are these automatic if I’m on the snapshot branch?

Do you have any packages installed?

Sure, a whole bunch…
…anything in particular you’re interested in?