Sign-up

ID

VAR-190001-0882


TITLE

Multiple cross-site scripting vulnerabilities in vtiger CRM 'index.php'

Trust: 0.6

sources: CNVD: CNVD-2011-4525

DESCRIPTION

Vtiger CRM is a web-based open source customer relationship management system. There are multiple cross-site scripting vulnerabilities in vtiger CRM. Because the program fails to properly filter user-supplied input, an attacker could exploit this vulnerability to execute arbitrary script code in a trusted user's browser in the affected site context, stealing cookie-based authentication and initiating other attacks. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. vtiger CRM 5.2.1 is vulnerable; other versions may also be affected. vtiger CRM is a free, full-featured, 100% Open Source CRM softwareideal for small and medium businesses, with low-cost product support availableto production users that need reliable support.vtiger CRM suffers from a XSS vulnerability when parsing user input tothe '_operation' and 'search' parameters via GET method in '/modules/mobile/index.php'script. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: vtiger CRM "default_user_name" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA42304 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42304/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42304 RELEASE DATE: 2010-11-18 DISCUSS ADVISORY: http://secunia.com/advisories/42304/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42304/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42304 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in vtiger CRM, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "default_user_name" parameter to index.php (when "module" is set to "Users" and "action" is set to "Login") is not properly sanitised in modules/Users/Login.php before being returned to the user. The vulnerability is confirmed in version 5.2.1. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Giovanni "evilaliv3" Pellerano and Alessandro "jekil" Tanasi ORIGINAL ADVISORY: Giovanni Pellerano and Alessandro Tanasi: http://www.ush.it/team/ush/hack-vtigercrm_520/vtigercrm_520.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.17

sources: CNVD: CNVD-2011-4525 // BID: 50364 // IVD: 43e3f220-1f82-11e6-abef-000c29c66e3d // ZSL: ZSL-2011-5052 // PACKETSTORM: 95960

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 43e3f220-1f82-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-4525

AFFECTED PRODUCTS

vendor:vtigermodel:crmscope:eqversion:5.2.1

Trust: 1.2

sources: ZSL: ZSL-2011-5052 // IVD: 43e3f220-1f82-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-4525 // BID: 50364

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD: 43e3f220-1f82-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

ZSL: ZSL-2011-5052
value: (3/5)

Trust: 0.1

IVD: 43e3f220-1f82-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

sources: ZSL: ZSL-2011-5052 // IVD: 43e3f220-1f82-11e6-abef-000c29c66e3d

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201110-651

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 95960 // CNNVD: CNNVD-201110-651

EXPLOIT AVAILABILITY

sources:
            
            
            ZSL: ZSL-2011-5052

EXTERNAL IDS
db:BIDid:50364
Trust: 1.6
db:CNVDid:CNVD-2011-4525
Trust: 0.8
db:CNNVDid:CNNVD-201110-651
Trust: 0.6
db:SECUNIAid:42304
Trust: 0.2
db:IVDid:43E3F220-1F82-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:CXSECURITYid:WLB-2011100099
Trust: 0.1
db:XFid:70983
Trust: 0.1
db:PACKETSTORMid:106229
Trust: 0.1
db:ZSLid:ZSL-2011-5052
Trust: 0.1
db:PACKETSTORMid:95960
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2011-5052 // 
            
            
            
            IVD: 43e3f220-1f82-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2011-4525 // 
            
            
            
            BID: 50364 // 
            
            
            
            PACKETSTORM: 95960 // 
            
            
            
            CNNVD: CNNVD-201110-651

REFERENCES
url:http://www.securityfocus.com/bid/50364
Trust: 0.7
url:http://www.securityfocus.com/bid/50364/info
Trust: 0.6
url:www.vtiger.de
Trust: 0.3
url:http://secunia.com/advisories/42304/
Trust: 0.2
url:http://wiki.vtiger.com/index.php/vtiger530:release_notes
Trust: 0.1
url:http://www.exploit-db.com/ghdb/3737/
Trust: 0.1
url:http://packetstormsecurity.org/files/106229
Trust: 0.1
url:http://securityreason.com/wlb_show/wlb-2011100099
Trust: 0.1
url:http://xforce.iss.net/xforce/xfdb/70983
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42304
Trust: 0.1
url:http://secunia.com/products/corporate/evm/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/products/corporate/vim/
Trust: 0.1
url:http://secunia.com/advisories/42304/#comments
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://www.ush.it/team/ush/hack-vtigercrm_520/vtigercrm_520.txt
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            ZSL: ZSL-2011-5052 // 
            
            
            
            CNVD: CNVD-2011-4525 // 
            
            
            
            BID: 50364 // 
            
            
            
            PACKETSTORM: 95960 // 
            
            
            
            CNNVD: CNNVD-201110-651

CREDITS
Gjoko 'LiquidWorm' Krstic
Trust: 0.9
sources:
            
            
            BID: 50364 // 
            
            
            
            CNNVD: CNNVD-201110-651

SOURCES
db:ZSLid:ZSL-2011-5052
db:IVDid:43e3f220-1f82-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-4525
db:BIDid:50364
db:PACKETSTORMid:95960
db:CNNVDid:CNNVD-201110-651

LAST UPDATE DATE
2022-10-19T22:28:26.417000+00:00

SOURCES UPDATE DATE
db:ZSLid:ZSL-2011-5052date:2011-10-27T00:00:00
db:CNVDid:CNVD-2011-4525date:2011-10-27T00:00:00
db:BIDid:50364date:2011-10-26T00:00:00
db:CNNVDid:CNNVD-201110-651date:2011-10-28T00:00:00

SOURCES RELEASE DATE
db:ZSLid:ZSL-2011-5052date:2011-10-26T00:00:00
db:IVDid:43e3f220-1f82-11e6-abef-000c29c66e3ddate:2011-10-27T00:00:00
db:CNVDid:CNVD-2011-4525date:2011-10-27T00:00:00
db:BIDid:50364date:2011-10-26T00:00:00
db:PACKETSTORMid:95960date:2010-11-18T04:41:31
db:CNNVDid:CNNVD-201110-651date:1900-01-01T00:00:00