Vtiger exploit - extremely dangerous

Any and all non-support discussions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

Vtiger exploit - extremely dangerous

Postby ciacho » Thu May 24, 2012 6:12 am

I was found in my server strange apache logs:
http://ip_address/vtigercrm/modules/com ... al.conf%00

Attacker can view any file.

Vulnerability: Vtiger 5.10

More information:
http://www.securityfocus.com/bid/47263/discuss
VICIdial installations in POLAND
ciacho
 
Posts: 48
Joined: Tue Jul 08, 2008 1:46 am
Location: POLAND

Re: Vtiger exploit - extremely dangerous

Postby DomeDan » Thu May 24, 2012 6:43 am

Damn! thank you for that information!
I haven't even thought about vulnerabilities in vtiger because I haven't used it.

People like me who dont use it can do a quick fix by disable access to vtigercrm/ with this command:
(and thus prevent other unknown exploits in vtiger to be accessed too!)
Code: Select all
chmod 000 /srv/www/htdocs/vtigercrm/


To make it accessible again you can use: chmod 755 /srv/www/htdocs/vtigercrm/
Vicidial Partner. Region: Sweden/Norway.
Does Vicidial installation, configuration, customization, add-ons, CRM implementation, support, upgrading, network-related, pentesting etc. Remote and onsite assistance.
Email: domedan (at) gmail.com
DomeDan
 
Posts: 1226
Joined: Tue Jan 04, 2011 9:17 am
Location: Sweden

Re: Vtiger exploit - extremely dangerous

Postby mflorell » Thu May 24, 2012 11:37 am

Thank you for posting this. That is one of the reasons we stopped including Vtiger on our vicibox ISOs. Most likely we will disable Vtiger integration features at some point in the future since they have not been updated i a couple years, and nobody wants to sponsor the upkeep costs of the integration(which are rather significant).
mflorell
Site Admin
 
Posts: 18387
Joined: Wed Jun 07, 2006 2:45 pm
Location: Florida


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 56 guests