ush.it - a beautiful place

Vtiger CRM 5.2.0 Multiple Vulnerabilities

November 16, 2010 at 10:46 pm - Filed under Hacks - 1279 words, reading time ~4 minutes - Permalink - Comments

Giovanni "evilaliv3" Pellerano and Alessandro "jekil" Tanasi found multiple vulnerabilities in Vtiger CRM 5.2.0, a software we already audited in the past. High impact (for a web application) findings include a Remote Command Execution issue (thanks to a possible bypass in the file upload extension blacklist) and a Local File Inclusion that can be exploited by unauthenticated users. Two separate Cross Site Scripting issues have been found, the first on the login.

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa log escape sequence injection

January 11, 2010 at 2:16 am - Filed under Hacks, Language EN - 2587 words, reading time ~8 minutes - Permalink - Comments

If you have read our previous article Jetty 6.x and 7.x Multiple Vulnerabilities your are already familiar to an attack vector called log escape sequence injection. It allows remote attackers to remotely exploit terminal emulator vulnerabilities that may happen when displaying in an unsafe manner files containing escape sequences. While the real issue belong to the terminals, programs that does not sanitize outputs make this vector relevant in the real world.

Reed's Alert! Got something burning? Tell USH team.
THP USH Wisec DigitalBullets