OpenBiblio Reports System Unspecified Privilege Escalation Vulnerability

Bugtraq ID:	22773
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Mar 01 2007 12:00AM
Updated:	Mar 01 2007 08:16PM
Credit:	The vendor disclosed this issue.
Vulnerable:	OpenBiblio OpenBiblio 0.5.1 OpenBiblio OpenBiblio 0.3 OpenBiblio OpenBiblio 0.2.1 OpenBiblio OpenBiblio 0.2 OpenBiblio OpenBiblio 0.5.2
Not Vulnerable:	OpenBiblio OpenBiblio 0.6.0

OpenBiblio Reports System Unspecified Privilege Escalation Vulnerability

OpenBiblio is prone to an unspecified vulnerability.

The application is prone to an unspecified privilege-escalation vulnerability in the report section.

Versions prior to 0.6.0 are vulnerable.

OpenBiblio Reports System Unspecified Privilege Escalation Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

OpenBiblio Reports System Unspecified Privilege Escalation Vulnerability

Solution:
The vendor has released a fix to address this issue. Please see the references for information on how to obtain and apply this fix.


OpenBiblio OpenBiblio 0.5.2

• OpenBiblio openbiblio-0.6.0.tar.gz
  http://downloads.sourceforge.net/obiblio/openbiblio-0.6.0.tar.gz

OpenBiblio OpenBiblio 0.2

• OpenBiblio openbiblio-0.6.0.tar.gz
  http://downloads.sourceforge.net/obiblio/openbiblio-0.6.0.tar.gz

OpenBiblio OpenBiblio 0.2.1

• OpenBiblio openbiblio-0.6.0.tar.gz
  http://downloads.sourceforge.net/obiblio/openbiblio-0.6.0.tar.gz

OpenBiblio OpenBiblio 0.3

• OpenBiblio openbiblio-0.6.0.tar.gz
  http://downloads.sourceforge.net/obiblio/openbiblio-0.6.0.tar.gz

OpenBiblio OpenBiblio 0.5.1

• OpenBiblio openbiblio-0.6.0.tar.gz
  http://downloads.sourceforge.net/obiblio/openbiblio-0.6.0.tar.gz

OpenBiblio Reports System Unspecified Privilege Escalation Vulnerability

References:

• OpenBiblio Change Log (OpenBiblio)
  
• OpenBiblio Home Page (OpenBiblio)