TYPO3-20060512-1: TYPO3 Security Bulletin

Two problems (path traversal and SQL injection) have been discovered in the extension dam_downloads

Component Type: Third Party Extension. The extension is not part of the
TYPO3 default installation
Affected Components: dam_downloads
Versions: 1.0.1 and earlier
Vulnerability Type: Path traversal and SQL injection
Severity: High
Problem Description:
A serious problem has been discovered in the file zipit.php that is used
as part of the dam_downloads extension which allows a user to download
arbitrary files from the server.
Also a weakness has been discovered that may be used to execute arbitrary SQL
Solution:
An updated version 1.1.0 is available in the extension repository and at typo3.org/extensions/repository/search/dam_downloads/1.1.0/
Users of the extension dam_downloads are advised to update the extension immideately.
Credits:
Thanks to Marc Bastian Heinrichs who discovered the vulnerability and notified
the security team. Special thanks to Rupert Germann, who is not the extension author, but volunteered to update the extension and did so within a few hours.