Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | SmarterTools default basic web server vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | VU#240150 | First vendor Publication | 2011-05-18 |
| Vendor | VU-CERT | Last vendor Modification | 2011-05-18 |
| Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
Vulnerability Note VU#240150SmarterTools default basic web server vulnerabilitiesOverviewMultiple SmarterTools applications install a default basic web server which contains multiple vulnerabilitiesI. DescriptionMultiple SmarterTools applications by default install a basic web server which allows administrators to start using the application immediately after installation. This basic web server is vulnerable to multiple vulnerabilites. According to the vulnerability reporter this basic web server is vulnerable to XML injection, operating system command execution, LDAP injection, directory path traversal, and denial of service.II. ImpactAn attacker with network access to the SmarterTools application basic web server may be able to run system commands, inject arbitrary data, or download arbitrary files.III. SolutionThe vendor recommends that users do not use the included web server in a production environment. They advise users to use Microsoft Internet Information Services instead. Instructions for configuring the SmarterTools suite of applications to use Microsoft Internet Information Services can be found on SmarterTools knowledge base.Vendor Information
Referenceshttp://xss.cx/examples/smarterstats-60-oscommandinjection-directorytraversal-xml-sqlinjection.html.html Thanks to David Hoyt of Hoyt LLC Research for reporting these vulnerabilities. This document was written by Michael Orlando.
|
Original Source
| Url : http://www.kb.cert.org/vuls/id/240150 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 40 % | CWE-200 | Information Exposure |
| 10 % | CWE-310 | Cryptographic Issues |
| 10 % | CWE-287 | Improper Authentication |
| 10 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 10 % | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25) |
| 10 % | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25) |
| 10 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-06-01 | Name : SmarterMail Multiple Vulnerabilities May-11 File : nvt/secpod_smartermail_multiple_vuln_may11.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 75294 | SmarterStats Services/SiteAdmin.asmx Unspecified Parameters String Data XML I... |
| 75293 | SmarterStats Client/frmViewReports.aspx Unspecified Parameters String Data XM... |
| 75292 | SmarterStats Client/frmViewOverviewReport.aspx Unspecified Parameters String ... |
| 75291 | SmarterStats Cookie Handling Multiple Script String Data XML Injection Remote... |
| 75284 | SmarterTools SmarterStats Multiple Script Email Address Disclosure |
| 75283 | SmarterTools SmarterStats Login.aspx ctl00$MPH$txtPassword Password Field Aut... |
| 75282 | SmarterTools SmarterStats login.aspx HTTPOnly Flag Set-Cookie Header Remote I... |
| 75281 | SmarterTools SmarterStats UserControls/Popups/frmHelp.aspx Query String Cross... |
| 75280 | SmarterTools SmarterStats Client/frmViewReports.aspx Query String Cross-domai... |
| 75278 | SmarterTools SmarterStats Multiple Script Cleartext Password Network Sniffing... |
| 75277 | SmarterTools SmarterStats login.aspx Multiple Cookie SQL Injection |
| 75276 | SmarterTools SmarterStats Client/frmViewReports.aspx ReportType Parameter SQL... |
| 75275 | SmarterTools SmarterStats Services/SiteAdmin.asmx Multiple Parameter SQL Inje... |
| 75274 | SmarterTools SmarterStats Default.aspx PageTitle Parameter SQL Injection |
| 75273 | SmarterTools SmarterStats Admin/frmSite.aspx Multiple Parameter SQL Injection |
| 75272 | SmarterTools SmarterStats Admin/frmSite.aspx Multiple Parameter Traversal Arb... |
| 75044 | SmarterStats Multiple Script Content-Type Header Unspecified Remote Issue |
| 75043 | SmarterStats Multiple Directory Direct Request Directory Listing Disclosure |
| 75042 | SmarterStats Login.aspx Query String Multiple Parameter Cross-domain Referer ... |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-01-29 | SmarterStats remote code execution attempt RuleID : 48731 - Revision : 3 - Type : SERVER-WEBAPP |
| 2019-01-29 | SmarterStats remote code execution attempt RuleID : 48730 - Revision : 3 - Type : SERVER-WEBAPP |
| 2019-01-29 | SmarterStats remote code execution attempt RuleID : 48729 - Revision : 3 - Type : SERVER-WEBAPP |
| 2019-01-29 | SmarterStats remote code execution attempt RuleID : 48728 - Revision : 3 - Type : SERVER-WEBAPP |
| 2019-01-29 | SmarterStats remote code execution attempt RuleID : 48727 - Revision : 3 - Type : SERVER-WEBAPP |
| 2019-01-29 | SmarterStats remote code execution attempt RuleID : 48726 - Revision : 3 - Type : SERVER-WEBAPP |
| 2019-01-29 | SmarterStats remote code execution attempt RuleID : 48725 - Revision : 3 - Type : SERVER-WEBAPP |
