DotNetNuke Remote Code Execution vulnerability

2011-01-20T00:00:00

Description

======================================= Vulnerability discovered: November 23, 2010 Discovered by: Daniël Niggebrugge, Fox-IT BV (https://www.fox-it.com/) Reported to vendor: November 30, 2010 Fix available: Yes ======================================= PRODUCT ------------- DotNetNuke is an open source Content Management System (CMS) based on Microsoft ASP.NET. DotNetNuke powers over 600,000 production web sites worldwide. More information can be found at: http://www.dotnetnuke.com/Intro/AtAGlance/tabid/1579/Default.aspx VULNERABILITY ------------- An anonymous attacker can upload ASPX files, access these files and is then able to execute arbitrary commands on the web server. This leads to full compromise of the DotNetNuke environment and possibly compromise of other web applications and/or information on the web server. Fox-IT verified DotNetNuke version 05.06.00 (459) to be vulnerable to this issue. FIX ------------- This issue has been fixed in DotNetNuke version 05.06.01. Fox-IT advises to test and deploy this new version as soon as possible. DETAILS ------------- The vulnerability is caused by several web pages of DotNetNuke that insufficiently enforce authorization checks. Depending on the function of the vulnerable web page, several issues might arise. The most severe issue makes it possible to upload executable files without proper authorizations and execute arbitrary commands on the web server. REFERENCES ------------- Original report: http://www.fox-it.com/en/news-and-events/news/recent-news/news-article/dotnetnuke-remote-code-execution-vulnerability-discovered-by-fox-it/174 DotNetNuke security bulletin: http://www.dotnetnuke.com/securitybulletinno46/tabid/2113/Default.aspx

{"id": "SECURITYVULNS:DOC:25516", "bulletinFamily": "software", "title": "DotNetNuke Remote Code Execution vulnerability", "description": "=======================================\r\nVulnerability discovered: November 23, 2010\r\nDiscovered by: Daniël Niggebrugge, Fox-IT BV (https://www.fox-it.com/)\r\nReported to vendor: November 30, 2010\r\nFix available: Yes\r\n=======================================\r\n\r\nPRODUCT\r\n-------------\r\nDotNetNuke is an open source Content Management System (CMS) based on Microsoft\r\nASP.NET. DotNetNuke powers over 600,000 production web sites worldwide. More\r\ninformation can be found at:\r\nhttp://www.dotnetnuke.com/Intro/AtAGlance/tabid/1579/Default.aspx\r\n\r\nVULNERABILITY\r\n-------------\r\nAn anonymous attacker can upload ASPX files, access these files and is then able\r\nto execute arbitrary commands on the web server. This leads to full compromise of\r\nthe DotNetNuke environment and possibly compromise of other web applications and/or\r\ninformation on the web server.\r\n\r\nFox-IT verified DotNetNuke version 05.06.00 (459) to be vulnerable to this issue.\r\n\r\nFIX\r\n-------------\r\nThis issue has been fixed in DotNetNuke version 05.06.01. Fox-IT advises to test\r\nand deploy this new version as soon as possible.\r\n\r\nDETAILS\r\n-------------\r\nThe vulnerability is caused by several web pages of DotNetNuke that insufficiently\r\nenforce authorization checks. Depending on the function of the vulnerable web page,\r\nseveral issues might arise. The most severe issue makes it possible to upload\r\nexecutable files without proper authorizations and execute arbitrary commands on\r\nthe web server.\r\n\r\nREFERENCES\r\n-------------\r\nOriginal report:\r\nhttp://www.fox-it.com/en/news-and-events/news/recent-news/news-article/dotnetnuke-remote-code-execution-vulnerability-discovered-by-fox-it/174\r\n\r\nDotNetNuke security bulletin:\r\nhttp://www.dotnetnuke.com/securitybulletinno46/tabid/2113/Default.aspx", "published": "2011-01-20T00:00:00", "modified": "2011-01-20T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25516", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:38", "edition": 1, "viewCount": 119, "enchantments": {"score": {"value": 1.9, "vector": "NONE"}, "dependencies": {"references": []}, "backreferences": {}, "exploitation": null, "vulnersScore": 1.9}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1659891772, "score": 1659891996}, "_internal": {"score_hash": "7e0628cf82a2257808f4f27751db80e9"}}