Security Advisory SA29744 - Avaya SIP Enablement Services Multiple Vulnerabilities

Secunia

Blog

Secunia Advisory SA29744

Avaya SIP Enablement Services Multiple Vulnerabilities

Secunia Advisory

SA29744

Release Date

2008-04-09

Last Update

2009-04-06

Popularity

9,898 views

Comments

0 comments

Criticality level

Highly critical

Impact

Security Bypass
Manipulation of data
System access

Where

From remote

Authentication level

This information is available to Secunia VIM customers

Report reliability

This information is available to Secunia VIM customers

Solution Status

Unpatched

Systems affected

This information is available to Secunia VIM customers

Approve distribution

This information is available to Secunia VIM customers

Remediation status

Secunia VIM

Operating System

Avaya SIP Enablement Services (SES) 3.x

Secunia CVSS Score

This information is available to Secunia VIM Customers

CVE Reference(s)

CVE-2008-6575 CVSS score available to Secunia VIM customers
CVE-2008-6574 CVSS score available to Secunia VIM customers
CVE-2008-6573 CVSS score available to Secunia VIM customers

Description

Some vulnerabilities have been reported in Avaya SIP Enablement Services, which can be exploited by malicious users and malicious people to conduct SQL injection attacks, bypass certain security restrictions, and potentially to compromise a vulnerable system.

1) Input passed within a SIP request is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2) An unspecified error in the authentication process can be exploited to gain unauthorised access by reusing valid credentials.

3) Input passed to the SPIM pages is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation of some of these vulnerabilities require valid user credentials.

The vulnerabilities are reported in Avaya SIP Enablement Services 3.x, 4.0, and 5.0.

Solution
The vendor recommends that local and network access to the affected systems be restricted until an update is available.

Provided and/or discovered by
VoIPshield Systems Inc.

Changelog
Further details available to Secunia VIM customers

Original Advisory
Avaya:
http://support.avaya.com/elmodocs2/security/ASA-2008-151.htm
http://support.avaya.com/elmodocs2/security/ASA-2008-150.htm

VoIPshield:
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,22/_cursor,7/_total,12/tableid,1/
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,23/_cursor,8/_total,12/tableid,1/
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,24/_cursor,9/_total,12/tableid,1/
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,25/_cursor,10/_total,12/tableid,1/
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,26/_cursor,11/_total,12/tableid,1/

Deep Links
Links available to Secunia VIM customers

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Avaya SIP Enablement Services Multiple Vulnerabilities

No posts yet

Secunia Advisory SA29744

Avaya SIP Enablement Services Multiple Vulnerabilities

Do you have additional information related to this advisory?

You must be logged in to post a comment.

Secunia Customer Login

Not a customer already?