Siebel : Security Vulnerability !
by Nitin Jain

This post could have far-reaching implications. I am still at a crossroads as to whether I should be covering this or not.
The baseline is that a security vulnerability has been detected and announced. It is said to have been detected nearly a year ago and reported to the parent organization. However, despite a year having passed, we are not aware of any remedial action taken by the corporation. Since the vulnerability has already been publicly announced on the internet, we feel it is safe to cover it here as well. We feel morally responsible to apprise Oracle Corp of the issue by building sufficient public opinion for a patch.
This security vulnerability has been detected in some of the older versions of Oracle's very popular Siebel CRM software, namely versions 7.7 and 7.8. It has not been tested on versions older than these, but it is expected to be present there as well.
This security loophole was discovered by Yaniv Miron, a security researcher from Israel.
The vulnerability goes by the name "Oracle Siebel CRM 'start.swe' Cross Site Scripting Vulnerability".
It is rated "Low Risk" and is remotely exploitable.
The following is directly from VUPEN:
"...This vulnerability could be exploited by attackers to execute arbitrary scripting code. This issue is caused by an input validation error in the "htim_enu/start.swe" script when processing user-supplied data, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected site..."
SECUNIA says:
"...Input passed via the URL to htim_enu/start.swe is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site..."
A simple example could be:
http://example.com/htim_enu/start.swe/?>'"><script>alert('XSS by Lament')</script>
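As an added defensive example, not taken from the post or the advisories: a small Python script that scans web-server access-log lines for requests to start.swe whose URL-decoded query carries script markup, one way to spot probing of this issue on a server that cannot be patched yet. The log lines, IP addresses, log format and helper names are constructed assumptions.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample access-log lines (common log format); not real traffic.
# Line 2 carries the URL-encoded form of the proof-of-concept quoted above.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Mar/2010:10:00:01 +0000] "GET /htim_enu/start.swe?SWECmd=Login HTTP/1.1" 200 512
10.0.0.7 - - [01/Mar/2010:10:00:02 +0000] "GET /htim_enu/start.swe/?%3E%27%22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E HTTP/1.1" 200 1024
10.0.0.9 - - [01/Mar/2010:10:00:03 +0000] "GET /htim_enu/start.swe?SWECmd=GotoView&SWEView=Home HTTP/1.1" 200 2048
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+"')
SWE_PATH_RE = re.compile(r"start\.swe", re.IGNORECASE)
# Markup that has no legitimate place in a start.swe query string.
MARKUP_RE = re.compile(r"<\s*/?\s*script|[\"']\s*>|javascript:", re.IGNORECASE)


def decode_fully(s, max_rounds=3):
    """URL-decode until the string stops changing, bounded so nested
    encodings cannot make the scanner loop forever."""
    for _ in range(max_rounds):
        decoded = unquote_plus(s)
        if decoded == s:
            break
        s = decoded
    return s


def suspicious_swe_requests(log_text):
    """Return (client_ip, decoded_tail) for every start.swe request whose
    path tail or query string contains script markup after decoding."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = m.group("url")
        if not SWE_PATH_RE.search(url):
            continue
        # Everything after start.swe is user-controlled input that the
        # vulnerable script reflects into the page, so inspect only that.
        tail = SWE_PATH_RE.split(url, maxsplit=1)[1]
        decoded = decode_fully(tail)
        if MARKUP_RE.search(decoded):
            hits.append((line.split()[0], decoded))
    return hits


if __name__ == "__main__":
    for ip, tail in suspicious_swe_requests(SAMPLE_LOG):
        print(f"suspicious start.swe request from {ip}: {tail}")
```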
Jan 2009 – Vulnerability found
Jan 2009 – Vendor Notification
Feb 2010 – Public Disclosure
Complete details about the vulnerability can be found at the following URLs where it was first reported:
http://www.vupen.com/english/advisories/2010/0516
http://seclists.org/bugtraq/2010/Mar/6
The original Advisories may be downloaded from the links below:
Siebel Loyalty Advisory
Siebel CRM Advisory
The vulnerability is already popular on Twitter; try the link below:
Twitter Links for Siebel Advisory
Could there be better reasons to upgrade to the latest Siebel versions, 8.x?
Considering that Siebel CRM is an expensive product targeted only at companies with $250K+ revenues, this is all the more important.
Note: This post is for informational purposes only.
The author of this document does not and will not hold any responsibility for any illegal or unauthorized use of the information contained within this document, or implied by it.
The author of this document does not encourage, in any way whatsoever, attacking any Siebel-based system.