Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27666
HistoryFeb 13, 2012 - 12:00 a.m.

DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass

2012-02-1300:00:00
vulners.com
27
JSON

Title

DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection
Authentication Bypass

Severity

High

Discovered By

Digital Defense, Inc. Vulnerability Research Team
Credit: r@b13$

Date Discovered

December 7, 2011

Vulnerability Description

The 'LoginServlet' page on port 9000 of the SolarWinds Storage Manager
Server is vulnerable to a SQL injection within the 'loginName' field.
An attacker can leverage this flaw to bypass authentication to the
Storage Manager application or to execute arbitrary SQL commands and
extract sensitive information from the backend database using standard
SQL exploitation techniques. Additionally, an attacker may be able to
leverage this flaw to compromise the database server host operating
system.

Solution Description

SolarWinds has not yet provided a patch to address the issue. Digital
Defense, Inc. recommends restricting access to the affected port until
an update has been produced by the vendor.

Tested Systems / Software

32-bit SolarWinds Storage Manager Server version 5.1.2 on Windows 2003

Vendor Contact

Name: SolarWinds
Website: http://www.solarwinds.com/

JSON