Invision Power Board 1.x and 2.x Privilege Escalation Vulnerability

[Rapigator <rapigator () yahoo com>]

If an non-root admin goes to delete their own group, they are taken to a
screen that says "*Move users in this group to..." in which they can
select the root admin group and move themselves into it. actually, they
can move all users in any group into the root admin group

root admins have complete access to the database where regular admins do
not. they can run their own queries directly though invisionboard's "SQL
Toolbox" or download the database. only root admins can edit other root
admins' accounts.


This affects :
Invision Power Services Invision Board 1.0
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.1.1
Invision Power Services Invision Board 1.1.2
Invision Power Services Invision Board 1.2
Invision Power Services Invision Board 1.3 Final
Invision Power Services Invision Board 1.3
Invision Power Services Invision Board 1.3
Invision Power Services Invision Board 1.3.1 Final
Invision Power Services Invision Board 2.0 PF2
Invision Power Services Invision Board 2.0 PF1
Invision Power Services Invision Board 2.0 PDR3
Invision Power Services Invision Board 2.0 Alpha 3
Invision Power Services Invision Board 2.0
Invision Power Services Invision Board 2.0.1
Invision Power Services Invision Board 2.0.2
Invision Power Services Invision Board 2.0.3
Invision Power Services Invision Board 2.0.4
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/