---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: DotNetNuke Multiple Vulnerabilities SECUNIA ADVISORY ID: SA31893 VERIFY ADVISORY: http://secunia.com/advisories/31893/ CRITICAL: Moderately critical IMPACT: Security Bypass, Privilege escalation, System access WHERE: >From remote SOFTWARE: DotNetNuke 3.x http://secunia.com/advisories/product/5103/ DotNetNuke 4.x http://secunia.com/advisories/product/12059/ DESCRIPTION: Some vulnerabilities have been reported in DotNetNuke, which can be exploited by malicious users to gain escalated privileges and by malicious people to bypass certain security restrictions and potentially compromise a vulnerable system. 1) An error in the validation of user identities can be exploited to impersonate another user and perform certain actions with that user's privileges. Successful exploitation requires valid user credentials. This vulnerability is reported in versions 4.4.1 - 4.8.4. 2) Input passed via unspecified parameters is not properly verified before being used to load skin files. This can be exploited to load an existing ascx file and bypass certain security restrictions. Successful exploitation potentially allows to gain administrative privileges or compromise an affected system. This vulnerability is reported versions 2.0 - 4.8.4. NOTE: A disclosure of version information via the install wizard has also been reported. SOLUTION: Update to version 4.9.0. PROVIDED AND/OR DISCOVERED BY: The vendor credits Brandon Haynes ORIGINAL ADVISORY: http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno21/tabid/1174/Default.aspx http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno22/tabid/1175/Default.aspx http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno23/tabid/1176/Default.aspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------