Lyris ListManager Unauthorized Administrative User Addition Vulnerability

Lyris ListManager is prone to a design flaw that facilitates the addition of an unauthorized administrative user. The issue derives from the use of hidden form fields in the 'add administrator' form.

Attackers with administrative privileges to a Lyris list may exploit this vulnerability to add administrative users to arbitrary lists hosted on the same server. For example, an administrator for List-A can maliciously modify hidden form fields when conventionally adding an administrative user, causing that user to be added as an administrator to List-B.

Version 8.95 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus