CIA Security Research, Security Alerts, Security Tools for Application Security

- Top Vulnerabilities

- Resources

- Alerts

- Disclosure Guidelines

- Library Updates

- Cenzic Newsletter

- White Paper Download

CIA RESEARCH

Alerts

[CIA-1046-Alert] InfoVista VistaPortal Discloses Files and Path to Remote Users

Summary:

A vulnerability InfoVista VistaPortal 2.0 Build 20086 allows a remote attacker to access arbitrary files on the system via Directory Traversal attacks. It is also possible to obtain the real path of the Infovista server by generating server errors.

Technical Details:

Affected versions of InfoVista VistaPortal are vulnerable to directory traversal (../) attacks, although the particular variation that successfully exploits the vulnerability has not been disclosed. VistaPortal runs with root privileges, thereby allowing access to any file on the server, including files that contain server password configuration for the Solaris Operating System.

Additionally, it is possible to reveal the full path of the server by generating a report with a non-existent server as part of the report input. The resulting error message reveals the full path of the server. Knowing the installation path can help an attacker target specific files within the server's directory structure.

Solution:

Apply the InfoVista hotfix (IV00038969) to eliminate the directoy traversal vulnerability. Contact the vendor for additional information.

CVE Reference:

GENERIC-MAP-NOMATCH

SecurityTracker Number(s):

1015669

Vendor URL:

InfoVista VistaPortal

About the Cenzic CIA Team:

Cenzic Intelligent Analysis (CIA) is Cenzic's research arm that focuses on continuous research for application vulnerabilities. Industry Research, Vulnerability assessment, penetration testing, and security testing - that's what Cenzic Intelligent Analysis Research is all about. Cenzic has dedicated experts whose sole job is to perform ongoing research to find not only common vulnerabilities but also vulnerabilities found in customer applications and make them available to our customers and to the community at large.

About Cenzic:

Cenzic provides Hailstorm® the revolutionary enterprise software suite for automated application security assessment and compliance that allows corporations and government organizations to dramatically improve the security of commercial and custom applications. Hailstorm enables security experts, QA professionals, and developers to work together to assess, analyze, and remediate applications for security vulnerabilities, and verify compliance with security policies. Benefits include reduced security risk and liability, lower development and testing costs, and faster time-to-market. Cenzic's customers are currently in the financial services and e-marketplaces sectors. For more information visit www.cenzic.com or call 1-866-4-CENZIC


>	Datasheet: Hailstorm Enterprise ARC
>	Datasheet: Hailstorm Pro
>	Datasheet: Hailstorm Starter
>	Datasheet: Hailstorm Core
>	White Paper: Beyond Simple Vulnerabilities Scanning
>	White Paper: Cross Frame Scripting
>	White Paper: Cenzic Imperative Assessment Plan
>	White Paper: Enabling Security in the Software Development Lifecycle (PDF)