SecurityTracker.com
Category: Application (Forum/Board/Portal) > Acusend
Vendors: Acuma
Acuma Acusend Portal Access Control Bug Lets Remote Authenticated Users Obtain Reports of Other Users
SecurityTracker Alert ID: 1005487
CVE Reference: CAN-2002-1538
Updated: Oct 24 2003
Original Entry Date: Oct 25 2002
Impact: Disclosure of user information
Version(s): 4
Description: An access control vulnerability was reported in Acuma's Acusend portal software. A remote authenticated user may obtain information belonging to other users.

Sec-Tec reported that a remote authenticated user who knows the full URL of another user's report can access that report. The full URLs are apparently non-random and may be guessed or possibly predicted.

Impact: A remote authenticated user can obtain reports belonging to other users.
Solution: The vendor has reportedly fixed the flaw. No information was available on the fixed version number or the method required to obtain the fix.
Vendor URL: www.acumasoftware.co.uk/products/acusend.asp
Cause: Access control error
Reported By: "David Wray" <davew@sec-tec.com>
Message History: None.
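The flaw described above is a missing object-level authorization check combined with predictable report URLs. The following is an added illustration, not Acusend's code or anything from the advisory: a toy in-memory report store (the `ReportStore` class, `Report` dataclass, usernames and report contents are all constructed for this example) showing the vulnerable retrieval path beside a hardened one that enforces ownership on every access and issues unguessable report paths.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class Report:
    owner: str      # username of the user the report belongs to
    content: str


class ReportStore:
    """Toy report portal keyed by URL path (constructed for this example)."""

    def __init__(self) -> None:
        self._reports: Dict[str, Report] = {}

    # Vulnerable pattern from the advisory: the URL is built from the owner and
    # a date, so it is predictable, and retrieval only checks that *someone* is
    # logged in, not that the caller owns the report.
    def publish_predictable(self, owner: str, content: str, date: str) -> str:
        path = f"/reports/{owner}/{date}.html"
        self._reports[path] = Report(owner, content)
        return path

    def fetch_vulnerable(self, current_user: Optional[str], path: str) -> str:
        if current_user is None:
            raise PermissionError("login required")
        return self._reports[path].content   # no ownership check at all

    # Hardened: object-level authorization on every access (the actual fix),
    # plus a random path so a leaked naming pattern gives no foothold.
    def publish_random(self, owner: str, content: str) -> str:
        path = f"/reports/{secrets.token_urlsafe(16)}"
        self._reports[path] = Report(owner, content)
        return path

    def fetch_hardened(self, current_user: Optional[str], path: str) -> str:
        if current_user is None:
            raise PermissionError("login required")
        report = self._reports.get(path)
        # One error for "no such report" and "not yours": nothing to enumerate.
        if report is None or report.owner != current_user:
            raise PermissionError("report not found")
        return report.content


def demo() -> Tuple[str, bool, str]:
    """Alice publishes a report; Bob, authenticated but unrelated, tries to read it."""
    store = ReportStore()
    old = store.publish_predictable("alice", "Q3 sales figures", "2002-10-24")
    leaked = store.fetch_vulnerable("bob", old)          # Bob reads Alice's report
    new = store.publish_random("alice", "Q3 sales figures")
    try:
        store.fetch_hardened("bob", new)
        blocked = False
    except PermissionError:
        blocked = True                                   # Bob is refused
    return leaked, blocked, store.fetch_hardened("alice", new)
```

The random path alone is not the fix; the ownership check in `fetch_hardened` is, and the path randomness only removes the guessability that made the missing check exploitable.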


Source Message Contents

Date: Fri, 25 Oct 2002 15:49:03 +0100
From: "David Wray" <davew@sec-tec.com>
Subject: Sec-Tec advisory 24.10.02 Unauthorised file access in Acuma's Acusend

Possible illegal file access in Acuma's Acusend - 24th October 2002

Overview:

Acusend is a leading report portal product from Acuma (www.acuma.co.uk).
Acusend allows organisations to collect and collate information from a
diverse range of sources and present it via a uniform web interface. Acusend
is widely deployed in Government, Education and Aerospace industries.

During a penetration test of a client's network, Sec-Tec (www.sec-tec.co.uk)
has discovered that it is possible for an authenticated user to access
reports belonging to other users if the full URL to the report is known.
Although the full URLs may appear to be random, certain factors such as time
and date are sometimes used as part of the URL structure, thereby greatly
reducing entropy. Release of this information has been withheld awaiting a
corrected version from Acuma.

Affected Versions:

Version 4, possibly previous (although not tested).

Recommended Action:

The vendor states that the issue is rectified in the latest version.

Released By:

David Wray, Sec-Tec Ltd (www.sec-tec.co.uk)

Thanks:

Sec-Tec would like to thank Acuma for their co-operation and swift response.



________________________________________________________________________
Sec-Tec Ltd, CLAS Government certified specialists in information security professional services. Visit http://www.sec-tec.co.uk for more information on our services. This e-mail has been scanned for possible virus contamination. However, we recommend that all recipients also scan this message.


Copyright 2002, SecurityGlobal.net LLC