BMC Track-It! Multiple Vulnerabilities

Impact
Successful exploitation will allow remote attackers to perform SQL injection, arbitrary file upload/download and code execution.
Solution
Hotfixes are available for CVE-2014-4873 and CVE-2014-4874. For CVE-2014-4872 there is currently no hotfix available. As a workaround, block all traffic from untrusted networks to TCP/UDP ports 9010 to 9020.
Insight
BMC Track-It! exposes several dangerous remote .NET services on port 9010 without authentication. .NET remoting allows a user to invoke methods remotely and retrieve their results (CVE-2014-4872). An authenticated user can perform blind SQL injection by supplying comparison operators in the POST body sent to the /TrackItWeb/Grid/GetData page (CVE-2014-4873). A remote authenticated user can download arbitrary files via the /TrackItWeb/Attachment page (CVE-2014-4874).
Affected
BMC Track-It! version 11.3.0.355 and below.
Detection
Checks the installed version of BMC Track-It! against the affected range.
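Since the detection is a version comparison, the following is an added example (not part of the advisory or of BMC's tooling) that compares a dotted version string component-wise against the affected ceiling, so a build such as 11.3.0.1000 is not mistakenly flagged by a plain string compare; the `is_affected` helper and the sample versions are constructed for illustration.

```python
# Added example: decide whether an installed BMC Track-It! build falls in
# the advisory's affected range "11.3.0.355 and below". Components are
# compared as integers, so "11.3.0.1000" correctly sorts after "11.3.0.355".

LAST_AFFECTED = "11.3.0.355"  # taken from the advisory's "Affected" section


def parse_version(text):
    """Split a dotted version string into a tuple of ints.

    Raises ValueError for anything that is not digits and dots, so a
    scanner never silently treats garbage as "not affected".
    """
    parts = text.strip().split(".")
    if any(not p.isdigit() for p in parts):
        raise ValueError("malformed version string: %r" % text)
    return tuple(int(p) for p in parts)


def version_is_less_equal(installed, reference):
    """True if installed <= reference; shorter tuples are zero-padded."""
    a, b = parse_version(installed), parse_version(reference)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a <= b


def is_affected(installed):
    """Return True when the build needs the hotfixes or the port workaround."""
    return version_is_less_equal(installed, LAST_AFFECTED)


if __name__ == "__main__":
    # constructed sample versions, not taken from any real host
    for v in ("11.3.0.355", "11.3.0.1000", "11.2.9.999", "11.4"):
        print(v, "affected" if is_affected(v) else "not affected")
```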
References