django-helpdesk
cpe:2.3:a:django-helpdesk_project:django-helpdesk:*:*:*:*:*:*:*
- < 1.0.0
A vulnerability in Django Helpdesk versions prior to 1.0.0 allows for sensitive data exposure due to the use of 'os.umask(0)' in 'models.py'. This behavior creates directories and files with overly permissive permissions, such as '777' for directories, which can lead to unintended access to confidential files. Although uploaded files default to '644', the initial directory permissions can create a security risk by allowing broad access to attachment files.
Excessive file and directory permissions can lead to unauthorized access to sensitive attachment files, creating a risk of exposure for confidential information.
The vulnerability can be reproduced by uploading an attachment to a ticket in a Django Helpdesk instance running a version prior to 1.0.0. The uploaded file is placed in a directory created with '777' permissions, so any local user can list and traverse that directory and create, rename, or delete entries in it, regardless of the '644' mode on the files themselves. The issue can be verified by checking the permissions of the created directories and files after an attachment is uploaded.
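The effect described above, as an added illustration that is not django-helpdesk's own code: a directory created the way an upload handler would under 'os.umask(0)' next to one created under a restrictive umask, followed by the permission check a reviewer would run on an attachment tree. Paths and file contents are constructed for the demo; the 0o077 umask and the audit helper are assumptions, not the project's fix.

```python
import os
import stat
import tempfile


def make_dir_with_umask(path: str, umask: int) -> int:
    """Create `path` under the given umask and return its permission bits.

    The umask is process-wide state, so it is applied only for this call and
    then restored; a handler that calls os.umask(0) and never restores it
    leaks the permissive setting into every later file operation.
    """
    previous = os.umask(umask)
    try:
        os.mkdir(path, 0o777)  # requested mode; the umask clears bits from it
    finally:
        os.umask(previous)
    return stat.S_IMODE(os.stat(path).st_mode)


def find_world_writable(root: str) -> list:
    """Audit helper (assumed): every directory or file under `root` that any
    local user may write to, i.e. whose mode has the S_IWOTH bit set."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for full in [dirpath] + [os.path.join(dirpath, n) for n in filenames]:
            if os.stat(full).st_mode & stat.S_IWOTH:
                hits.append(full)
    return hits


def demo() -> dict:
    """Constructed scenario: one attachment directory made with umask 0 (the
    advisory's case) and one with umask 0o077, each holding a 644 file."""
    base = tempfile.mkdtemp(prefix="helpdesk-umask-demo-")  # mkdtemp uses 0700
    weak = os.path.join(base, "attachments-umask0")
    safe = os.path.join(base, "attachments-umask077")
    weak_mode = make_dir_with_umask(weak, 0)       # expected 0o777
    safe_mode = make_dir_with_umask(safe, 0o077)   # expected 0o700
    for directory in (weak, safe):
        attachment = os.path.join(directory, "ticket-attachment.txt")
        with open(attachment, "w") as fh:
            fh.write("constructed sample attachment\n")
        os.chmod(attachment, 0o644)  # files default to 644, as the advisory notes
    # Only the umask-0 directory is world-writable: the 644 files are not,
    # but anyone can add, rename or delete entries inside that directory.
    return {
        "weak_mode": weak_mode,
        "safe_mode": safe_mode,
        "weak_dir": weak,
        "world_writable": find_world_writable(base),
    }
```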
Users can update to Django Helpdesk version 1.0.0 or later, where this vulnerability has been fixed. Instructions for updating can be found in the project's documentation.