Apache LDAP / Directory Studio Command Injection

2016.01.05

Credit: Muhammad Shahmeer Amir

Risk: High

Local: No

Remote: Yes

CVE: CVE-2015-5349

CWE: CWE-78

CVSS Base Score: 9.3/10

Impact Subscore: 10/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: Complete

Integrity impact: Complete

Availability impact: Complete

CVE-2015-5349: Apache Directory Studio command injection vulnerability
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected:
- Apache LDAP Studio 0.6.0 to 0.8.1
- Apache Directory Studio 1.0.0 to 2.0.0-M9
Description:
The CSV export didn?t escape the fields properly. Malicious users can
put specially crafted values into the LDAP server. When a user exports
that data into CSV formatted file, and subsequently opens it with a
spreadsheet application, the data is interpreted as a formula and executed.
Mitigation:
Users should upgrade to Apache Directory Studio 2.0.0-M10
Credit:
This issue was discovered by ?Muhammad Shahmeer Amir.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Apache LDAP / Directory Studio Command Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.