Multiple vulnerabilities in SearchBlox
| Risk | Medium |
| Patch available | NO |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2013-3590 CVE-2013-3597 CVE-2013-3598 |
| CWE-ID | CWE-434 CWE-200 CWE-22 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software Subscribe |
SearchBlox Client/Desktop applications / Other client software |
| Vendor | SearchBlox |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Arbitrary file upload
EUVDB-ID: #VU42624
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2013-3590
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of user-supplied input when uploading files in admin/uploadImage.html. A remote attacker can upload and execute arbitrary file on the server via the unspecified vectors.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSearchBlox: 6.2 - 7.4
External linkshttp://buddhalabs.com/Advisories/WebAdvisories.html
http://www.kb.cert.org/vuls/id/592942
http://www.searchblox.com/developers-2/change-log
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU42625
Risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2013-3597
CWE-ID:
CWE-200 - Information exposure
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action.
MitigationInstall update from vendor's website.
Vulnerable software versionsSearchBlox: 6.2 - 7.4
External linkshttp://buddhalabs.com/Advisories/WebAdvisories.html
http://www.kb.cert.org/vuls/id/592942
http://www.searchblox.com/developers-2/change-log
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Path traversal
EUVDB-ID: #VU42626
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2013-3598
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1. A remote authenticated attacker can send a specially crafted HTTP request and remote attackers to overwrite arbitrary files via a . (dot dot) in the name parameter.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSearchBlox: 6.2 - 7.4
External linkshttp://buddhalabs.com/Advisories/WebAdvisories.html
http://osvdb.org/96619
http://www.kb.cert.org/vuls/id/592942
http://www.searchblox.com/developers-2/change-log
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
