[DCA-2011-0011] - Ocomon Multiple SQL Injection

[Ewerson Guimarães (Crash) - Dclabs <crash () dclabs com br>]

[DCA-2011-0011]

[Discussion]
- DcLabs Security Research Group advises about following vulnerability(ies):

[Software]
- Ocomon

[Vendor Product Description]
- The OCOMON came in March 2002 as a personal project of programmer
Franque Custodio, with the initial characteristics
of the registration, monitoring, control and consultation to support
incidents and taking as the first user
Centro Universitario La Salle (UNILASALLE). The starting at that time,
the system was assumed by Flávio Ribeiro Support Analyst who has adopted
the tool and since then has refined and implemented various features
aiming to meet the practical issues, operational and managerial
areas of technical support as Helpdesks and Service Desks (By Google Trasnlator)

- Souce: http://ocomonphp.sourceforge.net/

[Advisory Timeline]
- 04/Mar/2011 -> First notification sent.
- 29/Mar/2011 -> Second notification sent
- 05/Apr/2011 -> Third notification sent
- 18/Apr/2011 -> No vendor response
- 18/Apr/2011 -> Advisory published.

[Bug Summary]
- Multiple SQL Injection (SQLi)

[Impact]
- High

[Affected Version]
- Latest 2.0RC6
- Prior versions may also be affected

[Bug Description and Proof of Concept]

The proof of concept was demonstrated at WebSecurity Forum conference
in SP - Brazil

------------------------------------------------------------------------

All flaws described here were discovered and researched by:
Ewerson Guimaraes aka Crash.
Rodrigo Escobar aka Ipax.
Rener Alberto aka Gr1nch.
This research was conducted in partnership with Emanuel do Reis -
@emanueldosreis

DcLabs Security Research Group

[Workarounds]
- No Workaround

[Credits]
DcLabs Security Research Group.


--
Ewerson Guimaraes (Crash)
Pentester/Researcher
DcLabs Security Team
www.dclabs.com.br