Vtiger CRM Code Execution and Information Disclosure Vulnerabilities


Description
Multiple vulnerabilities have been identified in Vtiger CRM that attackers could exploit to bypass security restrictions, disclose or manipulate certain data, or compromise a vulnerable system. These issues are caused by input and access validation errors in various scripts when processing user-supplied data and requests, which could allow malicious users or attackers to inject and execute arbitrary code, include files, manipulate data, or conduct cross-site and request forgery attacks.
     
Vulnerable Products
Vulnerable Software: Vtiger CRM versions prior to 5.1.0

Solution
Upgrade to Vtiger CRM version 5.1.0: http://vtiger.com

CVE
CVE-2009-3258
CVE-2009-3257
CVE-2009-3251
CVE-2009-3250
CVE-2009-3249
CVE-2009-3248
CVE-2009-3247

References
http://www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities/

Vulnerability Manager Detection
No
     
IPS Protection
ASQ Engine alarm | Available Since
XSS - Prevention - GET : suspicious 'iframe' tag found in URL | 3.2.0
Misc : Directory traversal - parameter starting with ../ | 3.2.0
XSS - Prevention - GET : suspicious tag with event found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'applet' tag found in URL | 3.2.0
PHP : Remote file inclusion prevention : suspicious root_path parameter found in URL | 3.2.0
Directory traversal using ..\.. | 3.2.0
XSS - Phishing : suspicious 'div' tag found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'style' attribute found in URL | 3.2.0
Directory traversal | 3.2.0
XSS - Phishing : suspicious 'a' tag found in URL | 3.2.0
XSS - Prevention - GET : cookie access attempt using script language found in URL | 3.2.0
PHP : Remote file inclusion prevention : URL found as parameter | 3.2.0
XSS - Prevention - GET : suspicious 'embed' tag found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'object' tag found in URL | 3.2.0
XSS - Phishing : suspicious 'form' tag found in URL | 3.2.0
XSS - Prevention - GET : javascript code found in URL | 3.2.0
XSS - Prevention - GET : evasion attempt using tag characters encoding in URL | 3.2.0
Directory traversal backward root folder | 3.2.0
XSS - Prevention - GET : suspicious 'style' tag found in URL | 3.2.0
XSS - Phishing : suspicious 'link' tag found in URL | 3.2.0
XSS - Prevention - GET : 'script' tag found in URL | 3.2.0
XSS - Prevention - GET : 'location' javascript object found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'div' tag found in URL | 3.2.0
Misc : Local File Inclusion - suspicious /etc/passwd found in URL | 3.5.0

Risk level
Moderate

Vulnerability First Public Report Date
2009-08-19

Target Type
Client + Server

Possible exploit
Local & Remote