lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <82877506-5481-4545-8C9F-34BFB1442326@Christian-Schneider.net>
Date: Sun, 14 Dec 2014 23:41:24 +0100
From: Christian Schneider <mail@...istian-Schneider.net>
To: bugtraq@...urityfocus.com
Subject: CVE-2014-2025   Remote Code Execution (RCE) in "Intrexx Professional"

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


CVE-2014-2025
===================
"Remote Code Execution (RCE) via Unrestricted File Upload" (CWE-434) vulnerability
in "Intrexx Professional" product


Vendor
===================
United Planet GmbH


Product
===================
"Intrexx is an integrated cross-platform development environment for the creation 
and operation of web-based applications, enterprise portals and intranet portals."
 - source: https://en.wikipedia.org/wiki/Intrexx


Affected versions
===================
This vulnerability affects versions of Intrexx Professional 6.0 (prior to Online Update 10) 
and 5.2 (prior to Online Update 0905)


Patch availability
===================
The vendor has released the following fixes:
"Online Update 10" or later for Intrexx Professional 6.0 users
"Online Update 0905" or later for Intrexx Professional 5.2 users


Reported by
===================
This issue was reported to the vendor by Christian Schneider (@cschneider4711) 
following a responsible disclosure process.


Severity
===================
Critical


Exploitability
===================
Exploitable by unauthenticated attackers


Description
===================
Using an unrestricted file upload it is possible to execute arbitrary code on the remote server 
by uploading and remotely executing a malicious file that contains code by the attacker. 


Proof of concept
===================
Due to the responsible disclosure process chosen and to not harm unpatched systems, 
no concrete exploit code will be presented in this advisory.


References
===================
https://help.unitedplanet.com/?rq_AppGuid=C203A277EDDF9AD2492B776B996B20D4A7C58395&rq_TargetPageGuid=7A91F4B76FFC41A18F4EA4ACE26F31E033C5B018

https://help.unitedplanet.com/?rq_AppGuid=C203A277EDDF9AD2492B776B996B20D4A7C58395&rq_TargetPageGuid=2EBBF802B1970FE31EFC8A34108DF3F47E7A8EEC&rq_RecId=31&rq_SourceAppGuid=C203A277EDDF9AD2492B776B996B20D4A7C58395&rq_SourcePageGuid=7A91F4B76FFC41A18F4EA4ACE26F31E033C5B018&rq_SourceRecId=31#{1}

http://www.christian-schneider.net/advisories/CVE-2014-2025.txt


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iQIcBAEBAgAGBQJUjhBQAAoJEEDB74comLC+RLUQAIIt8gm+rbqfSVlX8lv3Keu2
smwtyRzaflCY14T69ZIcoUnaTg3qZTTWKb+f5AQ5aNh4RtPqvebw/Ws6eV9kUXtp
O3mvNSWOtMGVl5ILjtymFimE0HL00HezywLvpetq09uLDq0mQ/oiw0SEY7fcTGZs
QFJD/nuLdVDmiUm7jXal0SIQKpGPKgGRaYgQ4rY0p5UK6lOYFWvC7tzFjzyYYN2l
yBbzctu32souLQvb1NBoro7+m3O1nLZdygCiDAFWjs16PJqIGCYBR76M/hp17xjV
BuMIlqv48V6ovdIMhAGVyVkU1sHwBTwII5pS/gTM8/0z1mQ5HbAQJuadxRGOTSMt
hIElbEclzaOq/IyU5PuXN3dBN8HtGhdGydoI5NYPauQnPk1PAAeyn6o+ymrscKee
Ab5qO2PGAGHuzEsFy+NiLIsNkEHsUx39x5OrSFoG7y7Duhn1NZk1aDtaxooYupGG
1bz7Fte/trW9a0fhgns23jIswe/frL+f8gOteb8F8eZR8KV1i++Oe7bSpAKDSLOC
7vvkC0jBHL/8N3kcHkEZHEvlNL7yiYReU+o86M0ZcC+j5OsrLwKxoAAEl5wHmgaT
HanS8wr+C2h07TIwwdfk6TeZpUUjTnP0PLm/QSVbZ5klpt8myugMH0QcAMInGdBQ
gridV298e9Sgt9yettqF
=R/wg
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ