Date: Tue, 15 Aug 2017 20:54:01 +0200 From: chbi@...i.eu To: oss-security@...ts.openwall.com Subject: CVE-2017-12850, CVE-2017-12851: Privilege Escalation in Kanboard <= v1.0.45 Hi, there are two security issues in Kanboard <= v1.0.45 (https://kanboard.net) CVE-2017-12850: By altering form data an authenticated standard user can set a new password for any other user (including the admin) to takeover the account. Fix: https://github.com/kanboard/kanboard/commit/88dd6abbf3f519897f2f6280e95c9eec9123a4ae CVE-2017-12851: By altering form data an authenticated standard user can change the mail address of the admin account to set a new password via "Forgot password?" to takeover the admin account. Fix: https://github.com/kanboard/kanboard/commit/b79b18efd7a1a8b591753a4eddd473f88d55b7df Both issues are fixed in Kanboard v1.0.46. -- chbi https://chbi.eu GPG: 3DE9 9187 4BE9 EAE6 3CA8 DC20 BA7B 93F9 9037 AE7E https://chbi.eu/chbi.asc [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ