Highly critical vulnerability discovered in Prado

[GoogleCodeExporter]

I've discovered a high severity information disclosure and data manipulation 
vulnerability in Prado, which allows retrieval and possibly also the 
destruction/removal of virtually any server-side file the web server process 
has access to. 

By using the exploit you might be able to for ex. retrieve the contents of a 
passwd file, any Prado source file, any system binary, and delete any and all 
source and/or data files on the web server (subject to file system permission 
of course).

It affects practically all Prado 3.x versions.

Have proof of concept exploit.

No full public disclosure, yet. Contact me for more information.

Original issue reported on code.google.com by google...@pcforum.hu on 15 Jul 2011 at 8:50

[GoogleCodeExporter]

Please send me an email rojaro@gmail.com

Original comment by rojaro@gmail.com on 16 Jul 2011 at 9:36

[GoogleCodeExporter]

patched in r3014, thank you

Original comment by ctrlal...@gmail.com on 16 Jul 2011 at 3:29

• Changed state: Fixed

[GoogleCodeExporter]

Will there be a bugfix release for this issue?

Original comment by google...@pcforum.hu on 19 Jul 2011 at 5:36

[GoogleCodeExporter]

Absolutely. a 3.1.10 version has already been tagged, but unfortunately we 
lacked the time to run all the tests, create and release an updated package. It 
will be done as soon as possible.

Original comment by ctrlal...@gmail.com on 19 Jul 2011 at 2:38