Vulnerabilities > CVE-2011-3833 - Unspecified vulnerability in Sitracker Support Incident Tracker 3.65
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unrestricted file upload vulnerability in ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in an unspecified directory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
D2sec
| name | Sitracker SIT File Upload |
| url | http://www.d2sec.com/exploits/sitracker_sit_file_upload.html |
Exploit-Db
| description | Support Incident Tracker. CVE-2011-3829,CVE-2011-3833,CVE-CVE-2011-3833. Webapps exploit for php platform |
| file | exploits/php/webapps/18108.rb |
| id | EDB-ID:18108 |
| last seen | 2016-02-02 |
| modified | 2011-11-13 |
| platform | php |
| port | |
| published | 2011-11-13 |
| reporter | metasploit |
| source | https://www.exploit-db.com/download/18108/ |
| title | Support Incident Tracker <= 3.65 - Remote Command Execution |
| type | webapps |
Metasploit
| description | This module combines two separate issues within Support Incident Tracker (<= 3.65) application to upload arbitrary data and thus execute a shell. The two issues exist in ftp_upload_file.php. The first vulnerability exposes the upload dir used to store attachments. The second vulnerability allows arbitrary file upload since there is no validation function to prevent from uploading any file type. Authentication is required to exploit both vulnerabilities. |
| id | MSF:EXPLOIT/MULTI/HTTP/SIT_FILE_UPLOAD |
| last seen | 2020-06-07 |
| modified | 2017-07-24 |
| published | 2011-11-12 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/sit_file_upload.rb |
| title | Support Incident Tracker Remote Command Execution |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/106933/sit_file_upload.rb.txt |
| id | PACKETSTORM:106933 |
| last seen | 2016-12-05 |
| published | 2011-11-13 |
| reporter | Secunia Research |
| source | https://packetstormsecurity.com/files/106933/Support-Incident-Tracker-3.65-Remote-Command-Execution.html |
| title | Support Incident Tracker 3.65 Remote Command Execution |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:72324 |
| last seen | 2017-11-19 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-72324 |
| title | Support Incident Tracker <= 3.65 Remote Command Execution |
References
- http://packetstormsecurity.org/files/106933/sit_file_upload.rb.txt
- http://secunia.com/advisories/45453
- http://secunia.com/secunia_research/2011-79/
- http://www.exploit-db.com/exploits/18108
- http://www.kb.cert.org/vuls/id/576355
- http://www.osvdb.org/77003
- http://www.securityfocus.com/bid/50632
- http://www.securityfocus.com/bid/50896
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71237
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71651
- http://packetstormsecurity.org/files/106933/sit_file_upload.rb.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71651
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71237
- http://www.securityfocus.com/bid/50896
- http://www.securityfocus.com/bid/50632
- http://www.osvdb.org/77003
- http://www.kb.cert.org/vuls/id/576355
- http://www.exploit-db.com/exploits/18108
- http://secunia.com/secunia_research/2011-79/
- http://secunia.com/advisories/45453