Attachmate Verastream Host Integrator (VHI) allows arbitrary file upload and execution

2013-11-04T00:00:00
ID VU:436214
Type cert
Reporter CERT
Modified 2013-11-19T22:40:00

Description

Overview

The Attachmate Verastream Host Integrator (VHI) is vulnerable to arbitrary file uploads and execution.

Description

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') - CVE-2013-3626

The Attachmate VHI Session Server, on all platforms, allows unauthenticated remote attackers to write arbitrary files on the machine in which the product is installed by sending a specially crafted message to the VHI Session Server. The affected versions are:

* 7.5 SP 1 HF 1
* 7.5 SP 1
* 7.5
* 7.1 SP 2 HF 1 - 6
* 7.1 SP 2
* 7.1 SP 1
* 7.1
* 7.0
* 6.6
* 6.5
* 6.0

Impact

An attacker may be able to gain complete control of the server on which the application is installed.


Solution

Apply a HotfixAttachmate has released a hotfix to address this issue while a patch is being developed. The hotfix can be found at: <http://support.attachmate.com/techdocs/2700.html>


Vendor Information

436214

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Attachmate __ Affected

Notified: October 02, 2013 Updated: October 10, 2013

Status

Affected

Vendor Statement

A hotfix is available at: <http://support.attachmate.com/techdocs/2700.html>

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

  • <http://support.attachmate.com/techdocs/2700.html>

CVSS Metrics

Group | Score | Vector
---|---|---
Base | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C
Temporal | 7.5 | E:POC/RL:TF/RC:C
Environmental | 1.9 | CDP:N/TD:L/CR:ND/IR:ND/AR:ND

References

  • <http://cwe.mitre.org/data/definitions/22.html>
  • <http://support.attachmate.com/techdocs/2700.html>

Acknowledgements

Thanks to Arnold Geels of Attachmate for reporting this vulnerability.

This document was written by Chris King.

Other Information

CVE IDs: | CVE-2013-3626
---|---
Date Public: | 2013-11-04
Date First Published: | 2013-11-04
Date Last Updated: | 2013-11-19 22:40 UTC
Document Revision: | 13