Xerox DocuShare URL SQL Injection Vulnerability Network Vulnerability

Summary

This host is installed with Xerox DocuShare and is prone to multiple sql injection vulnerabilities.

Impact

Successful exploitation will allow attacker to execute arbitrary HTML or script code and manipulate SQL queries in the backend database allowing for the manipulation or disclosure of arbitrary data. Impact Level: Application

Solution

Apply the hotfix from the below link, http://www.xerox.com/download/security/security-bulletin/a72cd-4f7a54ce14460/cert_XRX14-003_V1.0.pdf

Insight

Input appended to the URL after /docushare/dsweb/ResultBackgroundJobMultiple/1 is not properly sanitised before being used in SQL queries.

Affected

Xerox DocuShare version 6.5.3 Patch 6, 6.6.1 Update 1, and 6.6.1 Update 2, Prior versions may also be affected.

Detection

Send a crafted HTTP GET request and check whether it is able to execute sql query or not.

References

http://osvdb.org/105972
http://packetstormsecurity.com/files/126171
http://secunia.com/advisories/57996
http://www.exploit-db.com/exploits/32886
http://www.xerox.com/download/security/security-bulletin/a72cd-4f7a54ce14460/cert_XRX14-003_V1.0.pdf
https://gist.github.com/brandonprry/10745681

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Tomcat /servlet Cross Site Scripting
AlefMentor Multiple SQL Injection Vulnerabilities
b2Evolution title SQL Injection
ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities

Take action and discover your vulnerabilities