VDB-12789 · CVE-2013-10003 · MZ-13-06

Telecommunication Software SAMwin Contact Center Suite 5.1 Database SAMwinLIBVB.dll getCurrentDBVersion sql injection

W Telecommunication Software SAMwin Contact Center Suite 5.1 została stwierdzona podatność. Dotknięta jest funkcja getCurrentDBVersion w bibliotece SAMwinLIBVB.dll w komponencie Database Handler. Poprzez manipulację przy użyciu nieznanych danych wejściowych można doprowadzić do wystąpienia podatności sql injection. Raport na temat podatności został udostępniony pod adresem modzero.ch. Publikacja informacji została skoordynowana z producentem. Identyfikatorem tej podatności jest CVE-2013-10003. Atak może zostać przeprowadzony zdalnie. Techniczne szczegóły są znane. Uważa się go za proof-of-concept. Exploit można ściągnąć pod adresem modzero.ch. Podatność ta była wykorzystywana w exploicie typu 0-day przez co najmniej 174 dni. Aktualizacja do wersji 6.2 eliminuje tę podatność. Sugeruje się, że najlepszym zabezpieczeniem jest aktualizacja do najnowszej wersji. Potencjalne zabezpieczenie zostało opublikowane przed po ujawnieniu podatności.

Pole	2014-04-03 17:21	2019-03-31 22:05	2022-05-24 15:14
vendor	Telecommunication Software	Telecommunication Software	Telecommunication Software
name	SAMwin Contact Center Suite	SAMwin Contact Center Suite	SAMwin Contact Center Suite
version	5.1	5.1	5.1
component	Database Handler	Database Handler	Database Handler
library	SAMwinLIBVB.dll	SAMwinLIBVB.dll	SAMwinLIBVB.dll
function	getCurrentDBVersion	getCurrentDBVersion	getCurrentDBVersion
affectedlist	Telecommunication Software SAMwin Contact Center Suite 5.1 Telecommunication Software SAMwin Agent 5.01.19.06	Telecommunication Software SAMwin Contact Center Suite 5.1 Telecommunication Software SAMwin Agent 5.01.19.06	Telecommunication Software SAMwin Contact Center Suite 5.1 Telecommunication Software SAMwin Agent 5.01.19.06
vendorinformdate	1379635200	1379635200	1379635200
risk	2	2	2
historic	0	0	0
cvss2_vuldb_basescore	5.8	5.8	5.8
cvss2_vuldb_tempscore	4.3	4.3	4.3
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	N	N	N
cvss3_meta_basescore	6.5	6.5	6.5
cvss3_meta_tempscore	5.6	5.6	5.6
cvss3_vuldb_basescore	6.5	6.5	6.5
cvss3_vuldb_tempscore	5.6	5.6	5.6
advisoryquote	Due to the absence of any middleware sanitizing and verifying input data send by the SAMwin Agent, arbitrary SQL commands can be executed from the username field of the SAMwin Agent login mask. When a SAMwin Agent user logs in, the username and password will be compared against values that are stored in the database. By terminating the username with a single quote character, any person with access to the SAMwin Agent login form can execute malicious SQL statements. For example, the following string can be used as username to verify the SQL command execution on the SQL server.	Due to the absence of any middleware sanitizing and verifying input data send by the SAMwin Agent, arbitrary SQL commands can be executed from the username field of the SAMwin Agent login mask. When a SAMwin Agent user logs in, the username and password will be compared against values that are stored in the database. By terminating the username with a single quote character, any person with access to the SAMwin Agent login form can execute malicious SQL statements. For example, the following string can be used as username to verify the SQL command execution on the SQL server.	Due to the absence of any middleware sanitizing and verifying input data send by the SAMwin Agent, arbitrary SQL commands can be executed from the username field of the SAMwin Agent login mask. When a SAMwin Agent user logs in, the username and password will be compared against values that are stored in the database. By terminating the username with a single quote character, any person with access to the SAMwin Agent login form can execute malicious SQL statements. For example, the following string can be used as username to verify the SQL command execution on the SQL server.
date	1394668800 (2014-03-13)	1394668800 (2014-03-13)	1394668800 (2014-03-13)
location	Website	Website	Website
type	Advisory	Advisory	Advisory
url	http://www.modzero.ch/advisories/MZ-13-06_SAMwin_Architectural_Issues.txt	http://www.modzero.ch/advisories/MZ-13-06_SAMwin_Architectural_Issues.txt	http://www.modzero.ch/advisories/MZ-13-06_SAMwin_Architectural_Issues.txt
identifier	MZ-13-06	MZ-13-06	MZ-13-06
coordination	1	1	1
person_name	Tobias Ospelt/Max Moser	Tobias Ospelt/Max Moser	Tobias Ospelt/Max Moser
company_name	modzero AG	modzero AG	modzero AG
confirm_date	1379980800 (2013-09-24)	1379980800 (2013-09-24)	1379980800 (2013-09-24)
availability	1	1	1
date	1394668800 (2014-03-13)	1394668800 (2014-03-13)	1394668800 (2014-03-13)
publicity	1	1	1
url	http://www.modzero.ch/advisories/MZ-13-06_SAMwin_Architectural_Issues.txt	http://www.modzero.ch/advisories/MZ-13-06_SAMwin_Architectural_Issues.txt	http://www.modzero.ch/advisories/MZ-13-06_SAMwin_Architectural_Issues.txt
developer_name	Tobias Ospelt/Max Moser	Tobias Ospelt/Max Moser	Tobias Ospelt/Max Moser
language	SQL	SQL	SQL
price_0day	$0-$5k	$0-$5k	$0-$5k
name	Upgrade	Upgrade	Upgrade
upgrade_version	6.2	6.2	6.2
seealso	12788	12788	12788
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_ui	N	N	N
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_rc	UR	UR	UR
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	R	R	R
0day_days	174	174	174
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	N	N	N
cwe	0	89 (sql injection)	89 (sql injection)
cve			CVE-2013-10003
responsible			VulDB

◂ Poprzedni Przegląd Kolejny ▸

Do you know our Splunk app?

Download it now for free!