CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional"

2014-12-22T00:00:00
ID SECURITYVULNS:DOC:31535
Type securityvulns
Reporter Securityvulns
Modified 2014-12-22T00:00:00

Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-2025

"Remote Code Execution (RCE) via Unrestricted File Upload" (CWE-434) vulnerability in "Intrexx Professional" product

Vendor

United Planet GmbH

Product

"Intrexx is an integrated cross-platform development environment for the creation and operation of web-based applications, enterprise portals and intranet portals." - source: https://en.wikipedia.org/wiki/Intrexx

Affected versions

This vulnerability affects versions of Intrexx Professional 6.0 (prior to Online Update 10) and 5.2 (prior to Online Update 0905)

Patch availability

The vendor has released the following fixes:

"Online Update 10" or later for Intrexx Professional 6.0 users
"Online Update 0905" or later for Intrexx Professional 5.2 users

Reported by

This issue was reported to the vendor by Christian Schneider (@cschneider4711) following a responsible disclosure process.

Severity

Critical

Exploitability

Exploitable by unauthenticated attackers

Description

The application accepts file uploads without sufficiently restricting the type of file that can be stored. An attacker can upload a file containing attacker-supplied server-side code and then request it, so that the server executes the code. Since the upload requires no authentication, this yields unauthenticated remote code execution on the server.
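The advisory withholds the concrete exploit, so the following is an added, generic illustration of the CWE-434 pattern it describes, not Intrexx code and not the reporter's proof of concept. It places a weak upload handler (client-chosen filename written under the web root, no type check) beside a hardened one (extension allowlist, content check against the claimed type, client filename discarded, storage outside the web root). All names, the `MAGIC` table and the sample inputs are assumptions constructed for the example.

```python
"""Added example (not Intrexx code): a weak CWE-434 upload handler beside a hardened one."""
import secrets
import tempfile
from pathlib import Path

# Leading bytes ("magic numbers") for the few types the hardened handler accepts.
# Assumed allowlist for the example; a real application would use its own.
MAGIC = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "pdf": b"%PDF-",
}


class UploadRejected(Exception):
    """Raised by the hardened handler when an upload fails a check."""


def weak_save(webroot: Path, client_name: str, data: bytes) -> Path:
    """Vulnerable pattern: trusts the client filename and stores under the web root.

    A server-side script stored here is later served and executed by the
    application server, which is the root cause of an unrestricted-upload RCE.
    """
    dest = webroot / client_name          # no extension check, no traversal check
    dest.parent.mkdir(parents=True, exist_ok=True)
    dest.write_bytes(data)
    return dest


def hardened_save(store: Path, webroot: Path, client_name: str, data: bytes,
                  max_bytes: int = 5_000_000) -> Path:
    """Hardened pattern: allowlist, content check, random name, storage outside web root."""
    if len(data) > max_bytes:
        raise UploadRejected("upload too large")
    ext = Path(client_name).suffix.lower().lstrip(".")
    if ext not in MAGIC:
        raise UploadRejected(f"extension {ext!r} not allowed")
    if not data.startswith(MAGIC[ext]):
        raise UploadRejected("content does not match claimed type")
    # The client-controlled name is discarded entirely: a random name defeats
    # path traversal and double-extension tricks such as "shell.jsp.png".
    dest = (store / f"{secrets.token_hex(16)}.{ext}").resolve()
    # The store directory must never be inside the web root.
    if webroot.resolve() in dest.parents:
        raise UploadRejected("upload store is inside the web root")
    dest.write_bytes(data)
    return dest


def demo() -> dict:
    """Run both handlers on constructed inputs and report what each did."""
    with tempfile.TemporaryDirectory() as tmp:
        webroot = Path(tmp) / "webapp"    # assumed served by the application server
        store = Path(tmp) / "uploads"     # assumed never served or executed
        webroot.mkdir()
        store.mkdir()
        # Constructed sample inputs: a valid PNG header and a harmless JSP-style script.
        png = MAGIC["png"] + b"\x00" * 16
        jsp = b'<% out.println("server-side code runs here"); %>'
        results = {}

        # Weak handler: the script lands under the web root, ready to be requested.
        p = weak_save(webroot, "shell.jsp", jsp)
        results["weak_jsp_under_webroot"] = webroot.resolve() in p.resolve().parents
        # Weak handler: a traversal name escapes the intended directory entirely.
        p = weak_save(webroot, "../outside.jsp", jsp)
        results["weak_traversal_escaped"] = webroot.resolve() not in p.resolve().parents

        # Hardened handler against the same kinds of input.
        cases = [
            ("png_ok", "avatar.png", png),
            ("jsp_ext", "shell.jsp", jsp),           # disallowed extension
            ("jsp_disguised", "shell.png", jsp),     # allowed extension, wrong content
            ("traversal", "../../webapp/x.png", png),  # valid PNG, hostile name
        ]
        for label, name, data in cases:
            try:
                saved = hardened_save(store, webroot, name, data)
                results[label] = "stored:" + saved.suffix
                results[label + "_outside_webroot"] = webroot.resolve() not in saved.parents
            except UploadRejected:
                results[label] = "rejected"
        return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The content check is deliberately shallow (leading bytes only); its job is to reject files whose bytes do not even claim to be the allowed type, while the random filename and the out-of-web-root store are what actually prevent an uploaded script from ever being executed by the server.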

Proof of concept

Due to the responsible disclosure process chosen and to not harm unpatched systems, no concrete exploit code will be presented in this advisory.

References

https://help.unitedplanet.com/?rq_AppGuid=C203A277EDDF9AD2492B776B996B20D4A7C58395&rq_TargetPageGuid=7A91F4B76FFC41A18F4EA4ACE26F31E033C5B018

https://help.unitedplanet.com/?rq_AppGuid=C203A277EDDF9AD2492B776B996B20D4A7C58395&rq_TargetPageGuid=2EBBF802B1970FE31EFC8A34108DF3F47E7A8EEC&rq_RecId=31&rq_SourceAppGuid=C203A277EDDF9AD2492B776B996B20D4A7C58395&rq_SourcePageGuid=7A91F4B76FFC41A18F4EA4ACE26F31E033C5B018&rq_SourceRecId=31#{1}

http://www.christian-schneider.net/advisories/CVE-2014-2025.txt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iQIcBAEBAgAGBQJUjhBQAAoJEEDB74comLC+RLUQAIIt8gm+rbqfSVlX8lv3Keu2
smwtyRzaflCY14T69ZIcoUnaTg3qZTTWKb+f5AQ5aNh4RtPqvebw/Ws6eV9kUXtp
O3mvNSWOtMGVl5ILjtymFimE0HL00HezywLvpetq09uLDq0mQ/oiw0SEY7fcTGZs
QFJD/nuLdVDmiUm7jXal0SIQKpGPKgGRaYgQ4rY0p5UK6lOYFWvC7tzFjzyYYN2l
yBbzctu32souLQvb1NBoro7+m3O1nLZdygCiDAFWjs16PJqIGCYBR76M/hp17xjV
BuMIlqv48V6ovdIMhAGVyVkU1sHwBTwII5pS/gTM8/0z1mQ5HbAQJuadxRGOTSMt
hIElbEclzaOq/IyU5PuXN3dBN8HtGhdGydoI5NYPauQnPk1PAAeyn6o+ymrscKee
Ab5qO2PGAGHuzEsFy+NiLIsNkEHsUx39x5OrSFoG7y7Duhn1NZk1aDtaxooYupGG
1bz7Fte/trW9a0fhgns23jIswe/frL+f8gOteb8F8eZR8KV1i++Oe7bSpAKDSLOC
7vvkC0jBHL/8N3kcHkEZHEvlNL7yiYReU+o86M0ZcC+j5OsrLwKxoAAEl5wHmgaT
HanS8wr+C2h07TIwwdfk6TeZpUUjTnP0PLm/QSVbZ5klpt8myugMH0QcAMInGdBQ
gridV298e9Sgt9yettqF
=R/wg
-----END PGP SIGNATURE-----