----------------------------------------------------------------------

Want a new job?

http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/

International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/

----------------------------------------------------------------------

TITLE:
dotProject Privilege Escalation Vulnerability

SECUNIA ADVISORY ID:
SA30470

VERIFY ADVISORY:
http://secunia.com/advisories/30470/

CRITICAL:
Less critical

IMPACT:
Security Bypass, Privilege escalation

WHERE:
>From remote

SOFTWARE:
dotProject 2.x
http://secunia.com/product/8083/

DESCRIPTION:
Jonathan Parish has reported a vulnerability in dotProject, which can
be exploited by malicious users to gain escalated privileges.

The vulnerability is caused due to the application not properly
restricting access to certain administrative pages and can be
exploited to gain administrative access by posting a specially
crafted HTTP request to certain administrative pages.

Successful exploitation requires a valid user account, e.g. on the
LDAP directory.

The vulnerability is reported in version 2.1.1. Other versions may
also be affected.

SOLUTION:
Reportedly fixed in the nightly builds.

Grant only trusted users access to the application.

PROVIDED AND/OR DISCOVERED BY:
Jonathan Parish

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------