Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Proventia Network Mail Security System Insecure Direct Object Reference

🗓️ 14 Sep 2010 00:00:00Reported by Dr. Marian VentuneacType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 33 Views

The IBM Proventia Network Mail Security System (PNMSS) firmware 1.6 is vulnerable to an Insecure Direct Object Reference (IDOR) flaw, allowing authenticated attackers to compromise system security via OS command execution and exposure of configuration files

Related
Code
ReporterTitlePublishedViews
Family
CVE		CVE-2010-0154
14 Sep 201016:39
cve
Cvelist		CVE-2010-0154
14 Sep 201016:39
cvelist
EUVD		EUVD-2010-0186
7 Oct 202500:30
euvd
NVD		CVE-2010-0154
14 Sep 201017:00
nvd
Prion		Directory traversal
14 Sep 201017:00
prion
securityvulns		MVSA-10-008 / CVE-2010-0154 - IBM Proventia Mail Security System - Insecure Direct Object Reference vulnerability
14 Sep 201000:00
securityvulns
securityvulns		IBM Proventia Mail Security System multiple security vulnerabilities
14 Sep 201000:00
securityvulns
`  
Security Advisory: MVSA-10-008 / CVE-2010-0154  
Vendor: IBM   
Products: Proventia Network Mail Security System  
Vulnerabilities: Insecure Direct Object Reference  
Risk: Medium   
Attack Vector: From Remote   
Authentication: Required  
Reference: http://www.ventuneac.net/security-advisories/MVSA-10-008  
  
  
  
Description  
  
Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to an Insecure Direct Object Reference vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing OS command execution, local file inclusion resulting in exposure of appliance configuration files, source code, etc.  
  
The affected resource is not part of the IBM PNMSS firmware 2.5.  
  
By manipulating the l parameter of /sla/index.php resource, an authenticated attacker can perform any of the above attacks.  
  
The following test case can be used to expose internal system configuration for PHP engine:   
  
url_placeholder/sla/index.php?l=/../../../../../../../../etc/php.ini  
  
  
Affected Versions  
  
IBM Proventia Network Mail Security System - virtual appliance (firmware 1.6)  
  
  
Mitigation  
  
Vendor recommends upgrading to PNMSS firmware 2.5 or later.  
Alternatively, please contact IBM for technical support.   
  
  
Disclosure Timeline  
  
2009, November 07: Vulnerabilities discovered and documented  
2009, November 08: Notification sent to IBM  
2009, November 09: IBM acknowledges receiving the report  
2010, September 12: MVSA-10-008 advisory published.  
  
  
Credits  
  
Dr. Marian Ventuneac  
http://ventuneac.net  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
14 Sep 2010 00:00Current
6.7Medium risk
Vulners AI Score6.7
EPSS0.00134
ibm proventia network mail securityinsecure direct object referencefirmware 1.6authenticated attackos command executionconfiguration filesmitigationdr. marian ventuneac
33