Security bypass vulnerability in LedgerSMB and SQL-Ledger (fixes


Date: Thu, 08 Mar 2007 23:26:22 -0800
From: Chris Travers <chris@metatrontech.com.>
To: [email protected]
Subject: Security bypass vulnerability in LedgerSMB and SQL-Ledger (fixes
 released today)

Hi all;

George Theall of Tenable Security notified the LedgerSMB core team today 
of an authentication bypass vulnerability allowing full access to the 
administrator interface of LedgerSMB 1.1 and SQL-Ledger 2.x.  The 
problem is caused by the password checking routine failing to enforce a 
password check under certain circumstances.  The user can then create 
accounts or effect denial of service attacks.

This is not related to any previous CVE.

We have coordinated with the SQL-Ledger vendor and today both of us 
released security patches correcting the problem.  SQL-Ledger users who 
can upgrade to 2.6.26 should do so, and LedgerSMB 1.1 or 1.0 users 
should upgrade to 1.1.9.  Users who cannot upgrade should configure 
their web servers to use HTTP authentication for the admin.pl script in 
the main root directory.

Best Wishes,
Chris Travers
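
One way to apply the workaround described in the message above, as an added example that is not part of the original message or of either project's documentation. It assumes Apache httpd is the web server; the installation directory, realm name, user name and password-file path are placeholders.

```apache
# Assumption: Apache httpd serves the application from the directory below.
# /path/to/ledgersmb and /path/to/private/ledger-admin.htpasswd are
# placeholders; keep the password file outside any directory the server
# publishes.
#
# Create the password file once (htpasswd ships with Apache; -c creates
# the file, "ledgeradmin" is a placeholder user name):
#   htpasswd -c /path/to/private/ledger-admin.htpasswd ledgeradmin
<Directory "/path/to/ledgersmb">
    # Match only the administrator script named in the advisory.
    <Files "admin.pl">
        AuthType Basic
        AuthName "Ledger administration"
        AuthUserFile "/path/to/private/ledger-admin.htpasswd"
        # Any user listed in the password file may proceed; everyone
        # else receives 401 before the script runs.
        Require valid-user
    </Files>
</Directory>
```

After reloading the server, a request for admin.pl without credentials should return 401 rather than the administrator interface. Basic authentication sends the password with every request, so serve this path over HTTPS.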


