Small width layout Medium width layout Maximum width layout Small text Medium text Large text
     Search
Downloads Downloads Directory Directory Forums Forums Forge Forge Blogs Blogs        Marketplace Marketplace Careers Program Careers
News › Security Policy › Security Bulletin no.11 Register  |  

Administrator account permission escalation

Published: March 14, 2008

Version: 1.0

Maximum Severity Rating: Critical

Background

For the 3.0 release of DotNetNuke we added a file manager module. By default this module is only accessible to Admin or Host users. There is a problem with the code that could allow an admin user to upload arbitrary files. With this level of access it would be possible for an Admin user to gain full Host access to the portal.

Issue Summary

The file manager component has a problem where a user could upload a file of a type that does not match the list of allowable file types. This vulnerability allowed for an Admin user to upload a file that could then grant them access to the entire portal i.e. an admin user account permission escalation.

Mitigating factors

  • The user must have access to the file manager.
  • By default this issue only affects Admin users.

Affected DotNetNuke versions

  • All versions since 3.0.

Non-Affected Versions:

  • All other versions

Fix(s) for issue

To fix this problem, you are recommended to update to the latest version of DotNetNuke (4.8.2 at time of writing)

Acknowledgments

Morteza Kermani

Security Policy


Click here to read more details on the DotNetnuke Security Policy
 


Windsor Management Group
Fund Accounting Software for K12 Education.
Infinitevisions.com 		Convert Visitors to Customers
In order to bring value to your users, we must first understand them. VIVIDSITES will help you build a custom web application and interactive marketing tools that your users will thank you for. We marry high-end creative with head banging technology to entertain and convert visitors into paying customers. Call 314.514.0505 or visit us at http://www.vividsites.com to find out how.
- V I V I D S I T E S - 		Gearworx Web Hosting
As a premier provider of Web Hosting, Private/White Label hosting, Server Colocation, Dedicated Server, and other Managed Services, Gearworx offers an array of services designed to more effectively manage strategies driving businesses on the Web. Headquartered in Fremont, California our state of the art tier one data centers and distributed managed services environment enables Gearworx to offer your business enterprise level solutions through simplified processes.
Gearworx Web Hosting

DotNetNuke Corporation   Terms Of Use  Privacy Statement
DotNetNuke®, DNN®, and the DotNetNuke logo are trademarks of DotNetNuke Corporation
Hosted by MaximumASP