Symantec IM Manager whereClause Parameter SQL Injection (SYM10-010)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

A web application on the remote Windows host is prone to a SQL
injection attack.

Description :

The version of Symantec IM Manager installed on the remote Windows
host fails to sanitize input to the 'whereClause' parameter of the
'rdpageimlogic.aspx' script before using it in the 'LoggedInUsers.lgx'
definition file to construct database queries.

An unauthenticated attacker may be able to exploit this issue to
manipulate database queries, leading to disclosure of sensitive
information or attacks against the underlying database.

Note that the application is also likely to be affected by several
other related SQL injection vulnerabilities, although Nessus has not
checked them.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-10-223
http://seclists.org/fulldisclosure/2010/Oct/424
http://www.nessus.org/u?bf68d8df

Solution :

Upgrade to Symantec IM Manager 8.4.16 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 50433 ()

Bugtraq ID: 44299

CVE ID: CVE-2010-0112

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now