Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DB:SALESLOGIX-DISC

Severity

 Medium

Recommended

 No

Category

 DB

Keywords

 SalesLogix Database Credentials Disclosure

Release Date

 2011/03/11

Update Number

 1881

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DB: Best Software SalesLogix Database Credentials Disclosure


This signature detects attempts to exploit a known vulnerability against Best Software SalesLogix. Attackers may leverage these issues to manipulate and disclose database contents through SQL injection attacks, steal authentication credentials due to information disclosure vulnerability.

Extended Description

Best Software SalesLogix is affected by multiple vulnerabilities. These issues are due to design errors that reveal sensitive information, access control validation issues that allow unauthorized access and input validation issues facilitating SQL injection attacks. An attacker may leverage these issues to manipulate and disclose database contents through SQL injection attacks, steal authentication credentials due to information disclosure vulnerabilities and bypass authentication to gain administrator access to the server.

Affected Products

  • Best Software SalesLogix
  • SalesLogix Corporation SalesLogix 2000.0.0

References

  • BugTraq: 11450

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out