BID:39040

Trac Ticket Validation Security Bypass Vulnerability

Info

Trac Ticket Validation Security Bypass Vulnerability

Bugtraq ID:	39040
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 30 2010 12:00AM
Updated:	Apr 01 2010 06:42PM
Credit:	Trac
Vulnerable:	Trac Trac 0.11.6 Trac Trac 0.11.5 Trac Trac 0.11.4 Trac Trac 0.11.3 Trac Trac 0.11.2 Trac Trac 0.11.1 Trac Trac 0.11 Trac Trac 0.10.5 Trac Trac 0.10.4 Trac Trac 0.10.3 1 Trac Trac 0.10.3 Trac Trac 0.9.6 Trac Trac 0.9.5 Trac Trac 0.9.4 Red Hat Fedora 13 Red Hat Fedora 12 Red Hat Fedora 11 Nortel Networks VPN Router 1010 0.9.3

Not Vulnerable:	Trac Trac 0.11.7

Discussion

Trac Ticket Validation Security Bypass Vulnerability

Trac is prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.

Versions prior to Trac 0.11.7 are vulnerable.

Exploit / POC

Trac Ticket Validation Security Bypass Vulnerability

An attacker can exploit this issue using a browser.

Solution / Fix

Trac Ticket Validation Security Bypass Vulnerability

Solution:
The vendor has released an update. Please see the references for details.

Trac Trac 0.11

Trac Trac-0.11.7.zip
http://ftp.edgewall.com/pub/trac/Trac-0.11.7.zip

Trac Trac 0.11.1

Trac Trac-0.11.7.zip
http://ftp.edgewall.com/pub/trac/Trac-0.11.7.zip

Trac Trac 0.11.2

Trac Trac-0.11.7.zip
http://ftp.edgewall.com/pub/trac/Trac-0.11.7.zip

Trac Trac 0.11.3

Trac Trac-0.11.7.zip
http://ftp.edgewall.com/pub/trac/Trac-0.11.7.zip

Trac Trac 0.11.4

Trac Trac-0.11.7.zip
http://ftp.edgewall.com/pub/trac/Trac-0.11.7.zip

Trac Trac 0.11.5

Trac Trac-0.11.7.zip
http://ftp.edgewall.com/pub/trac/Trac-0.11.7.zip

Trac Trac 0.11.6

Trac Trac-0.11.7.zip
http://ftp.edgewall.com/pub/trac/Trac-0.11.7.zip

References

Trac Ticket Validation Security Bypass Vulnerability

References:

Trac 0.11.7 Changelog (Trac)
Trac Homepage (Trac)