CVE-2010-0112
Symantec IM Manager rdServer.dll sGetDefinition SQL Injection Vulnerability
Public Exploits: 0
Exploited in Wild: -
Descriptions
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition function in rdServer.dll, and SQL statements contained within a certain report file; (2) unspecified parameters in a DetailReportGroup (aka DetailReportGroup.lgx) action to rdpageimlogic.aspx; the (3) selclause, (4) whereTrendTimeClause, (5) TrendTypeForReport, (6) whereProtocolClause, or (7) groupClause parameter in a SummaryReportGroup (aka SummaryReportGroup.lgx) action to rdpageimlogic.aspx; the (8) loginTimeStamp, (9) dbo, (10) dateDiffParam, or (11) whereClause parameter in a LoggedInUsers (aka LoggedInUSers.lgx) action to (a) rdpageimlogic.aspx or (b) rdPage.aspx; the (12) selclause, (13) whereTrendTimeClause, (14) TrendTypeForReport, (15) whereProtocolClause, or (16) groupClause parameter to rdpageimlogic.aspx; (17) the groupList parameter to IMAdminReportTrendFormRun.asp; or (18) the email parameter to IMAdminScheduleReport.asp.
This vulnerability allows remote attackers to inject arbitrary SQL into the backend database on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the IM Manager interface exposed by the web server which listens by default on TCP port 80. The rdpageimlogic.aspx file does not validate the rdReport variable when parsing requests. It parses SQL statements from the file pointed to by this variable. A remote attacker can abuse this behavior to inject arbitrary SQL into the backend database.
SSVC
- Decision: -
Timeline
- 2009-12-31 CVE Reserved
- 2010-10-27 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
References (16)
URL | Tag | Source |
---|---|---|
http://osvdb.org/68901 | Vdb Entry | |
http://osvdb.org/68902 | Vdb Entry | |
http://osvdb.org/68903 | Vdb Entry | |
http://www.securityfocus.com/bid/44299 | Vdb Entry | |
http://www.securitytracker.com/id?1024648 | Vdb Entry | |
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101027_01 | X_refsource_confirm | |
http://www.zerodayinitiative.com/advisories/ZDI-10-220 | X_refsource_misc | |
http://www.zerodayinitiative.com/advisories/ZDI-10-221 | X_refsource_misc | |
http://www.zerodayinitiative.com/advisories/ZDI-10-222 | X_refsource_misc | |
http://www.zerodayinitiative.com/advisories/ZDI-10-223 | X_refsource_misc | |
http://www.zerodayinitiative.com/advisories/ZDI-10-224 | X_refsource_misc | |
http://www.zerodayinitiative.com/advisories/ZDI-10-225 | X_refsource_misc | |
http://www.zerodayinitiative.com/advisories/ZDI-10-226 | X_refsource_misc | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/62806 | Vdb Entry | |

URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/41959 | 2017-08-17 | |
http://www.vupen.com/english/advisories/2010/2789 | 2017-08-17 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Symantec | Im Manager | <= 8.4.15 | - | Affected |
Symantec | Im Manager | 6.0 | - | Affected |
Symantec | Im Manager | 6.5 | - | Affected |
Symantec | Im Manager | 7.0 | - | Affected |
Symantec | Im Manager | 7.5 | - | Affected |
Symantec | Im Manager | 8.3 | - | Affected |
Symantec | Im Manager | 8.4.0 | - | Affected |
Symantec | Im Manager | 8.4.1 | - | Affected |
Symantec | Im Manager | 8.4.2 | - | Affected |
Symantec | Im Manager | 8.4.5 | - | Affected |
Symantec | Im Manager | 8.4.6 | - | Affected |
Symantec | Im Manager | 8.4.7 | - | Affected |
Symantec | Im Manager | 8.4.8 | - | Affected |
Symantec | Im Manager | 8.4.9 | - | Affected |
Symantec | Im Manager | 8.4.10 | - | Affected |
Symantec | Im Manager | 8.4.11 | - | Affected |
Symantec | Im Manager | 8.4.12 | - | Affected |
Symantec | Im Manager | 8.4.13 | - | Affected |