Bugtraq mailing list archives
Lyris List Manager Administration Hole
From: Adam Hupp <hupp () UPL CS WISC EDU>
Date: Fri, 11 Aug 2000 22:43:07 -0500
Versions 3 and 4 of the Lyris List Manager allow any mailing list subscriber to gain access to the administrative interface of that list. After a user has logged in, they may modify the generated web page as follows to gain access:

Save the HTML to disk, and add the full path to the server into the FORM tag. This allows it to be submitted when loaded from disk. Next change the value of <INPUT TYPE="hidden" NAME="list_admin" VALUE="F"> to a "T". When the page is loaded back in the browser the user has complete access to all list administrator functions.

Lyris has been notified, and a fix is available at http://www.lyris.com/lm/lm_updates.html

-Adam

Note: I am not a representative of Lyris
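The flaw class reported above is a server that reads a privilege flag back from a hidden form field. The following is an added example, not code from the original post or from Lyris: it contrasts that pattern with a check derived from server-side state, plus a log-side check for tampered submissions. The session store, the LIST_ADMINS table, the "list" field name and the addresses are hypothetical; only the list_admin field and its "T"/"F" values come from the post.

```python
import secrets

# Constructed sample data: server-side record of who administers each list.
LIST_ADMINS = {"announce": {"owner@example.org"}}
SESSIONS = {}  # session token -> authenticated e-mail address


def login(email):
    """Create a server-side session (authentication itself is omitted here)."""
    token = secrets.token_hex(16)
    SESSIONS[token] = email
    return token


def is_admin_vulnerable(form):
    # Pattern described in the post: privilege is taken from a hidden field
    # that the client can rewrite before submitting the form.
    return form.get("list_admin") == "T"


def is_admin_hardened(form, session_token):
    # The list_admin field is ignored. Privilege comes only from the session
    # and the server's own membership records.
    email = SESSIONS.get(session_token)
    if email is None:
        return False
    return email in LIST_ADMINS.get(form.get("list", ""), set())


def tampering_suspected(form, session_token):
    """True when the form claims admin rights the server does not grant.

    Useful as a logging or alerting hook while the hidden field is still
    present in deployed pages.
    """
    claimed = form.get("list_admin") == "T"
    return claimed and not is_admin_hardened(form, session_token)


if __name__ == "__main__":
    subscriber = login("reader@example.org")
    edited = {"list": "announce", "list_admin": "T"}  # field flipped client-side
    print("vulnerable check:", is_admin_vulnerable(edited))
    print("hardened check:  ", is_admin_hardened(edited, subscriber))
    print("flag for review: ", tampering_suspected(edited, subscriber))
```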