{"vuid":"VU#236668","idnumber":"236668","name":"Samsung Data Management Server vulnerable to SQL injection","keywords":["Samsung","Data Management Service","SQL injection"],"overview":"The Samsung Integrated Management System DMS is used to manage several air conditioning units. The DMS contains a built-in web server that is susceptible to SQL injection attacks.","clean_desc":"The DMS application's authentication form can be bypassed with SQL injection attacks. Versions 1.3.3, 1.4.1 and 1.4.2 are reported to be affected. Other versions may also be affected. More details can be found in ICS-CERT's 11-069-01 advisory.","impact":"An attacker can bypass authentication and access the web server as an administrative user.","resolution":"Apply an Update\nSamsung has provided a DMS Update Guide explaining how to apply the 1.4.3 patch. The patch and \"DMS Updater Plus\" application can be found on Samsung's download site.","workarounds":"Restrict Access Appropriate firewall rules should be implemented to restrict access to only trusted sources.","sysaffected":"","thanks":"Thanks to José A. Guasch from SecurityByDefault.com for reporting this vulnerability.","author":"This document was written by Jared Allar.","public":["http://www.samsung.com/au/systemsair/src/dvm_solution_integrated_ms.html","http://www.dvmcare.com/SRM/dms/download.html","http://www.dvmcare.com/SRM/dms/HowToUpgradeDMSSW.pdf","http://www.dvmcare.com/SRM/dms/DMSUpdaterPlus.zip","http://www.us-cert.gov/control_systems/pdf/ICSA-11-069-01.pdf","http://www.securitybydefault.com/2011/05/una-inyeccion-sql-que-te-dejara-helado.html"],"cveids":["CVE-2010-4284"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2010-11-05T13:11:03Z","publicdate":"2011-05-06T00:00:00Z","datefirstpublished":"2011-05-06T17:18:09Z","dateupdated":"2011-05-09T16:22:39Z","revision":25,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.0,"vulnote":null}