Info

Disclosure

Oct 18, 2004

Discovery

May 19, 2004

Dates

Exploit

Oct 18, 2004

Solution

Unknown

Description

The SalesLogix SLX server contains a flaw that allows a remote attacker to write to arbitrary files outside of the web path. The issue is due to the program not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the ProcessQueueFile variable.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, SalesLogix has released a patch to address this vulnerability.

Products

SalesLogix

CRM Server

6.1

References

Security Tracker: 1011769
Related OSVDB ID: 10942 10943 10944 10945 10946 10947 10948
Secunia Advisory ID: 12883
CVE ID: 2004-1612 (see also: NVD)
Keyword: Agenda-Security-Saleslogix-1-2004 best software sage group slx
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0661.html
Vendor Specific Solution URL: http://support.saleslogix.com
Vendor URL: http://www.saleslogix.com

Credit

Carl Livitt - carlagenda-security.co.uk - Agenda Security Services

Direct URL: http://osvdb.org/36218