
Press Releases by CGIDir


HACKER SAFE Labs Announces Five Zero Day Web Application Vulnerabilities


February 8, 2007; 04:29 AM
A week after its unveiling, HACKER SAFE Labs announced today the discovery of five security risks affecting a variety of common ecommerce software, ranging from business intelligence to CRM applications. These Server Side Include flaws in open source applications can, in some cases, lead to complete control of compromised systems.

"These five are the first in what will be on-going contributions to the IT security and vendor communities," said ScanAlert Vice President of Security Services Brett Oliphant, who directs HACKER SAFE Labs. "We look forward to acting as an active and responsible security researcher, as well as using discoveries such as these to continually refine our HACKER SAFE technology."

HACKER SAFE Labs conducts proprietary research to uncover new vulnerabilities and publishes these findings in the form of security advisories. Below is each affected product, the product type, and the severity of each vulnerability:

Product               Product Type                                                                   Severity
--------------------  -----------------------------------------------------------------------------  --------
Blueshoes 4.5         Application framework and content management system                            High
BROWSERCRM 4.615.11   Web-based CRM                                                                  High
PGOSD                 Object generator                                                               Medium
PHP-CSL               PHP Code Snippet Library stores favorite code snippets, functions and classes  High
PHP List              Newsletter manager                                                             High

Each vulnerability could allow an attacker to load and execute code on the targeted server. Upon validating the vulnerabilities, HACKER SAFE Labs personnel reported the discoveries to the respective vendors to address the vulnerabilities and issue remediation solutions. ScanAlert also updated its HACKER SAFE technology to protect its customers from possible exploitation of these security risks.
