NASLDB: Symantec IM Manager whereClause Parameter SQL Injection (SYM10-010)
General
ID: 50433
Name: Symantec IM Manager whereClause Parameter SQL Injection (SYM10-010)
Summary: Tries to manipulate the Active Users Report
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: 80
Family: Windows
Type: Remote
Description
The version of Symantec IM Manager installed on the remote Windows
host fails to sanitize input to the ‘whereClause’ parameter of the
‘rdpageimlogic.aspx’ script before using it in the ‘LoggedInUsers.lgx’
definition file to construct database queries.
An unauthenticated attacker may be able to exploit this issue to
manipulate database queries, leading to disclosure of sensitive
information or attacks against the underlying database.
Note that the application is also likely to be affected by several
other related SQL injection vulnerabilities, although Nessus has not
checked them.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2010-0112
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2010/10/27
Patch Release: 2010/10/27
Plugin Release: 2010/11/01
Plugin
Version: 1.7
Filename: symantec_im_mgr_whereclause_sqli.nasl
Filesize: 5375 bytes
MD5 Hash: 89717b2aa1704c35e5ca1dcc8c03dfb2
Identification: –
Require Keys: www/ASP
Dependencies: "http_version.nasl"
Copyright: This script is Copyright© 2010-2011 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack