We used the following two methods to identify & fingerprint the document rendering service on multiple websites. Many companies rely on using LibreOffice to export common document formats to HTML/PDF due to it allowing headless file conversions. LibreOffice's Github project has over 500k commits including code that has not been updated in many years. LibreOffice is an open-source fork of OpenOffice and with some google searches you can see there are several critical CVEs for it from the past few weeks alone. We believe our research here is not final, and encourage others to look into this area. The unintended misuse of the Python-UNO bridge by the popular package unoconv resulted in CVE-2019-17400.
This writeup covers our efforts to fingerprint LibreOffice, LibreOffice file detection (and abuse) & misuse of the LibreOffice Python-UNO bridge. In our attempt to fingerprint LibreOffice as a PDF rendering service, we identified multiple implementation vulnerabilities. Slack has confirmed that no customer data was accessed using this bug. The security of file sharing is critically important to Slack and its users, and we worked with the research team to quickly implement a fix within 24 hours of receiving the report.
Slack would like to thank the researchers for their work to increase the security of the open source tool LibreOffice and their responsible disclosure to Slack.
0 kommentar(er)
