IBM Net.Commerce Remote Arbitrary Command Execution Vulnerability

Solution:
Upgrade to a non-vulnerable version or, at the very least, to Net.Commerce version 3.2, which fixes the Administrator macros; in either case, also remove the sample macros.

To remove sample macros:

* Locate the db2www.ini in the HTML document root for each instance.
* Review each ini file's MACRO_PATH to ensure that all macros are required by production and are not samples.
* Remove the directories that are not required for production.

The following directories contain sample code that should be removed from production systems. If you require a sample macro on a production system, you will need to modify it to validate its inputs.

Note:

According to IBM, this bug is solved, or at least there is a workaround for the problem. For more information, please read
http://www-4.ibm.com/software/webservers/commerce/netcomletter.html
(information supplied by John Renne <john_renne@hotmail.com>)

Websphere Commerce Suite and Market Place Edition Version 4.1/4.1.1:

SUN Solaris

/opt/WebSphere/CommerceSuite/macro/en_US/base
/opt/WebSphere/CommerceSuite/macro/en_US/bus2bus
/opt/WebSphere/CommerceSuite/macro/en_US/category
/opt/WebSphere/CommerceSuite/macro/en_US/demomall
/opt/WebSphere/CommerceSuite/macro/en_US/euromall
/opt/WebSphere/CommerceSuite/macro/en_US/grocery
/opt/WebSphere/CommerceSuite/macro/en_US/product
/opt/WebSphere/CommerceSuite/macro/en_US/tutorial
/opt/WebSphere/CommerceSuite/models

IBM AIX

/usr/lpp/CommerceSuite/macro/en_US/base
/usr/lpp/CommerceSuite/macro/en_US/bus2bus
/usr/lpp/CommerceSuite/macro/en_US/category
/usr/lpp/CommerceSuite/macro/en_US/demomall
/usr/lpp/CommerceSuite/macro/en_US/euromall
/usr/lpp/CommerceSuite/macro/en_US/grocery
/usr/lpp/CommerceSuite/macro/en_US/product
/usr/lpp/CommerceSuite/macro/en_US/tutorial
/usr/lpp/CommerceSuite/models

Windows NT

IBM\CommerceSuite\macro\en_US\base
IBM\CommerceSuite\macro\en_US\bus2bus
IBM\CommerceSuite\macro\en_US\category
IBM\CommerceSuite\macro\en_US\demomall
IBM\CommerceSuite\macro\en_US\euromall
IBM\CommerceSuite\macro\en_US\grocery
IBM\CommerceSuite\macro\en_US\product
IBM\CommerceSuite\macro\en_US\ncsample
IBM\CommerceSuite\macro\en_US\tutorial
IBM\CommerceSuite\models
IBM\CommerceSuite\instance\<instancename>\teditor

Net.Commerce/Service Provider Edition Version 3.2

SUN Solaris

/opt/IBMnetc/NetCommerce3/macro/en_US/bus2bus
/opt/IBMnetc/NetCommerce3/macro/en_US/category
/opt/IBMnetc/NetCommerce3/macro/en_US/demomall
/opt/IBMnetc/NetCommerce3/macro/en_US/euromall
/opt/IBMnetc/NetCommerce3/macro/en_US/grocery
/opt/IBMnetc/NetCommerce3/macro/en_US/ncsample
/opt/IBMnetc/NetCommerce3/macro/en_US/product
/opt/IBMnetc/NetCommerce3/macro/en_US/tutorial

IBM AIX

/usr/lpp/NetCommerce3/macro/en_US/bus2bus
/usr/lpp/NetCommerce3/macro/en_US/category
/usr/lpp/NetCommerce3/macro/en_US/demomall
/usr/lpp/NetCommerce3/macro/en_US/euromall
/usr/lpp/NetCommerce3/macro/en_US/grocery
/usr/lpp/NetCommerce3/macro/en_US/ncsample
/usr/lpp/NetCommerce3/macro/en_US/product
/usr/lpp/NetCommerce3/macro/en_US/tutorial

Windows NT

IBM\NetCommerce3\macro\en_US\bus2bus
IBM\NetCommerce3\macro\en_US\category
IBM\NetCommerce3\macro\en_US\demomall
IBM\NetCommerce3\macro\en_US\euromall
IBM\NetCommerce3\macro\en_US\grocery
IBM\NetCommerce3\macro\en_US\ncsample
IBM\NetCommerce3\macro\en_US\product
IBM\NetCommerce3\macro\en_US\tutorial
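A check for the "review each ini file's MACRO_PATH" step above, written for the Solaris and AIX layouts, as an added example that is not part of this advisory or of IBM's own tooling. It assumes the Net.Data db2www.ini form `MACRO_PATH dir1;dir2` (an `=` after the keyword is tolerated) and matches the sample directory names listed in this advisory; the ini file it scans is constructed for the demonstration.

```shell
#!/bin/sh
# Sample macro directory names taken from the listings in the advisory; 'base',
# 'models' and 'teditor' occur only in some editions but are harmless to match.
SAMPLE_DIRS="base bus2bus category demomall euromall grocery product tutorial ncsample models teditor"

# Print each directory named in MACRO_PATH, one per line. Assumption: the
# Net.Data "MACRO_PATH dir1;dir2" syntax; "MACRO_PATH=dir" is tolerated too.
macro_path_entries() {
    sed -n 's/^[[:space:]]*MACRO_PATH[[:space:]=]*//p' "$1" \
        | tr ';' '\n' | sed 's/[[:space:]]*$//; /^$/d'
}

# Print every MACRO_PATH entry whose last path component is a known sample
# directory. Output is empty when only production macro directories are listed.
flag_sample_macro_dirs() {
    macro_path_entries "$1" | while IFS= read -r dir; do
        leaf=$(basename "$dir")
        for s in $SAMPLE_DIRS; do
            if [ "$leaf" = "$s" ]; then
                printf '%s\n' "$dir"
                break
            fi
        done
    done
}

# Number of sample directories still reachable through MACRO_PATH.
count_sample_macro_dirs() {
    flag_sample_macro_dirs "$1" | wc -l | tr -d ' '
}

# Constructed db2www.ini for the demonstration (not taken from a real
# instance): one production directory ("store") between two sample ones.
write_demo_ini() {
    cat > "$1" <<'EOF'
MACRO_PATH /opt/IBMnetc/NetCommerce3/macro/en_US/ncsample;/opt/IBMnetc/NetCommerce3/macro/en_US/store;/opt/IBMnetc/NetCommerce3/macro/en_US/demomall
EOF
}

# Stand-alone run with --demo: scan the constructed file and list the entries
# that must be removed from (or hardened for) a production instance.
if [ "${1:-}" = "--demo" ]; then
    demo="${TMPDIR:-/tmp}/db2www.ini.demo.$$"
    write_demo_ini "$demo"
    flag_sample_macro_dirs "$demo"
    rm -f "$demo"
fi
```

Run it against each instance's real db2www.ini (one file per instance under the HTML document root); `basename` does not split the backslash paths of the Windows NT layout, so that platform needs the equivalent check in a Windows shell.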

Copyright 2010, SecurityFocus