Published: May 27, 2008
Maximum Severity Rating: Critical
During installation or upgrade DotNetNuke runs through database scripts in sequence to create the database schema and insert various pieces of data.
It is possible to remotely force DotNetNuke to run through it's install wizard. This could cause the SQL commands in the database scripts included with the application to re-execute. Since the database scripts are not designed to be re-executed; this could cause data loss or corruption in an installation.
This exploit relies on SQL scripts being located in a specific default installation location for the DotNetNuke application. Since there is no way for an attacker to upload their own SQL scripts to this folder, the risk of arbitrary SQL script execution is not a factor.
Affected DotNetNuke versions
3.0 - 4.8.2 inclusive.
All other versions
Fix(s) for issue
To fix this problem, you are recommended to update to the latest version of DotNetNuke (4.8.3 at time of writing).
If you unable to upgrade to the latest version, you can rename or delete the following file from your installation: /Install/InstallWizard.aspx .
Tony Valenti and Joseph Ravioli
Click here to read more details on the DotNetNuke Security Policy