SAINT CorporationSAINT:60253272CB59AD558101A0B152D41203BigAnt Messenger Server DUPF Arbitrary File Upload
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
99.4%
Added: 04/01/2013
CVE: CVE-2012-6274
BID: 57214
OSVDB: 89342
Background
BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more.
Problem
BigAnt Server 2.97 and earlier does not require authentication for file uploading, and does not properly verify or sanitize user-uploaded files. A remote attacker could upload a **.php** file to a user-accessible location. Subsequently requesting the file executes the script with the privileges of the web server.
Resolution
Contact the vendor for an update.
References
<http://www.kb.cert.org/vuls/id/990652>
Limitations
This exploit has been tested against BigAntSoft BigAnt Server 2.97 SP7 on Windows Server 2003 SP2 English with DEP OptOut.
Platforms
Windows
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
99.4%