| Field | Value |
|---|---|
| VID | 210084 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The Sugar Suite software contains a directory traversal vulnerability in the Module Builder. Sugar Suite is a customer relationship management (CRM) software package written in PHP; Module Builder is a module for building SugarCRM modules. Module Builder version 1.0 in Sugar Suite could allow a remote attacker to traverse directories on the system because user-supplied input passed to the 'file' parameter of the 'modules/Builder/DownloadModule.php' script is not properly validated. By sending a specially crafted URL request to the DownloadModule.php script containing "dot dot" sequences (/../) and a filename followed by a null character (%00) in the file parameter, a remote attacker could traverse directories and read arbitrary files on the affected system. |
| References | http://www.milw0rm.com/exploits/4591 |
| Platforms Affected | ModuleBuilder version 1.0, any operating system, any version |
| Recommendation | No upgrade or patch available as of June 2014. As a workaround, edit the source code to ensure that input is properly sanitized. |
| Related URL | CVE-2007-5812 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | 38186 (ISS) |
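The recommendation above leaves "properly sanitized" open; the following PHP snippet is an added example (not SugarCRM's code and not part of this entry) of a download handler that enforces the checks the description says were missing: it rejects embedded null bytes, refuses path separators and ".." sequences, and verifies the canonical path stays inside one fixed directory. The parameter name `file` comes from the entry; the directory `modules/builds` and the helper name `resolve_download_path` are assumptions.

```php
<?php
// Added example, not SugarCRM's DownloadModule.php. Assumption: downloadable
// module archives live under a single fixed directory ($baseDir).
declare(strict_types=1);

function resolve_download_path(string $requested, string $baseDir): ?string
{
    // 1. Reject embedded NUL bytes. A %00 in the parameter would otherwise be
    //    decoded into a byte that truncates the name at the filesystem layer.
    if (strpos($requested, "\0") !== false) {
        return null;
    }

    // 2. Accept only a plain file name: no '/' or '\', and no ".." anywhere.
    if (!preg_match('/^[A-Za-z0-9_.-]+$/', $requested) || strpos($requested, '..') !== false) {
        return null;
    }

    // 3. Canonicalise both sides and check containment. realpath() resolves any
    //    remaining '.', '..' and symlink components, so the prefix comparison is
    //    made against the real on-disk location, not the user-supplied string.
    $base      = realpath($baseDir);
    $candidate = realpath($baseDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $candidate === false) {
        return null; // base directory missing, or requested file does not exist
    }
    if (strncmp($candidate, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null; // resolved to a location outside $baseDir
    }
    return $candidate;
}

// Serve only what the validator approves; anything else is a client error.
$file = $_GET['file'] ?? '';
$path = is_string($file) ? resolve_download_path($file, __DIR__ . '/modules/builds') : null;
if ($path === null) {
    http_response_code(400);
    exit('Invalid file name');
}
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
readfile($path);
```

With these checks, a request such as `file=../../config.php%00.zip` fails at step 1, and `file=../../config.php` fails at step 2, before any file is opened; logging the rejected value alongside the client address gives a simple detection signal for traversal probes against this script.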