Has anyone who uses Crystal Reports installed the security patch mentioned below? I do not have a test environment to test it on and want some input before going through with it. Thank you!

Tasita Ebacher
702 Communications
Data Systems Engineer
CCNA

-----Original Message-----
From: Secunia Security Advisories [mailto:sec-adv@xxxxxxxxxxx]
Sent: Tuesday, June 08, 2004 2:52 PM
To: tebacher@xxxxxxxxxx
Subject: [SA11800] Crystal Reports and Crystal Enterprise Directory Traversal Vulnerability

TITLE:
Crystal Reports and Crystal Enterprise Directory Traversal Vulnerability

SECUNIA ADVISORY ID:
SA11800

VERIFY ADVISORY:
http://secunia.com/advisories/11800/

CRITICAL:
Moderately critical

IMPACT:
Exposure of system information, Exposure of sensitive information, DoS

WHERE:
From remote

SOFTWARE:
Crystal Reports for C#Builder
Crystal Reports for Borland JBuilder
Crystal Reports for BEA WebLogic Workshop
Crystal Reports 9
Crystal Enterprise 10
Crystal Enterprise 9
Crystal Enterprise Java SDK
Crystal Reports 10

DESCRIPTION:
Imperva Application Defense Center has discovered a vulnerability in Crystal Reports Web Viewers, allowing malicious people to disclose the content of arbitrary files or delete them.

The vulnerability is caused by an input validation error when handling HTTP requests, which can be exploited via directory traversal attacks.

Successful exploitation allows retrieving or deleting arbitrary files on a vulnerable system via the Crystal Reports and the Crystal Enterprise Web viewers.

The vulnerability affects the following products:
* Crystal Enterprise 8.5 Java SDK
* Crystal Enterprise RAS 8.5 for UNIX
* Crystal Reports 9
* Crystal Enterprise 9
* Crystal Reports 10
* Crystal Enterprise 10
* Crystal Reports for Borland JBuilder
* Crystal Reports for BEA WebLogic Workshop 8.1
* Crystal Reports for Borland C# Builder

SOLUTION:
Apply update.

-- Crystal Enterprise 8.5 Java SDK --
Windows:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/v85_critical_update_win.zip
Solaris:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/ce85critical_update_jcesol.tar.gz
AIX:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/ce85critical_update_jceaix.tar.gz

-- Crystal Enterprise RAS 8.5 for UNIX --
Solaris:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/ras85critical_update_sol.tar.gz

-- Crystal Reports 9 --
Windows:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/v9_critical_update_win.zip

-- Crystal Enterprise 9 --
Windows:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/v9_critical_update_win.zip

-- Crystal Reports 10 --
Windows:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/v10_critical_update_win.zip

-- Crystal Enterprise 10 --
Windows:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/v10_critical_update_win.zip
Solaris:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/ce10critical_update_sol.tar.gz
AIX:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/ce10critical_update_aix.tar.gz

-- Crystal Reports for Borland JBuilder --
Windows:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/cr10jbuilder_critical_update_win.zip
Solaris:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/crjbuilder10critical_update_sol.tar.gz
Linux:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/crjbuilder10critical_update_lnx.tar.gz

-- Crystal Reports for BEA WebLogic Workshop 8.1 --
Windows:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/bea81_critical_update_win.zip
Solaris:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/bea81_critical_update_unix.tar.gz
Linux:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/bea81_critical_update_unix.tar.gz

-- Crystal Reports for Borland C# Builder --
Windows:
ftp://ftp1.businessobjects.com/outgoing/ehf/CriticalUpdate/bcsharp_critical_update_win.zip

PROVIDED AND/OR DISCOVERED BY:
Imperva Application Defense Center

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=tebacher@xxxxxxxxxx

----------------------------------------------------------------------

For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
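Editor's added example (not part of the original post, the Secunia advisory, or any Business Objects code): the advisory describes the bug class, an HTTP parameter used to pick a file without being confined to the viewer's document root, but gives no request details. The Python below shows the general hardened check for that class and a matching detector run over constructed access-log lines. The document root, the `file=` query parameter and the log lines are all assumptions made up for illustration; the viewers' real parameter names and paths are not known from the page. The check decodes before normalising (so double-encoded `%252e%252e` is caught), treats backslashes as separators because the products also ship on Windows, rejects NUL bytes, and compares against the root with a trailing separator so a sibling directory with the same prefix is not accepted.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed document root; the real viewer's layout is not given in the
# advisory, and "file=" below is a hypothetical query parameter.
DOC_ROOT = "/var/www/viewer/reports"


def decode_path(raw, max_rounds=3):
    """Percent-decode until the value stops changing. Double encoding
    (%252e%252e) bypasses filters that decode exactly once and then look
    for '..', so decode to a fixed point before checking anything."""
    cur = raw
    for _ in range(max_rounds):
        nxt = unquote(cur)
        if nxt == cur:
            break
        cur = nxt
    return cur


def resolve_under_root(root, requested):
    """Return the canonical absolute path if it stays inside root, else None.

    Order matters: decode, then normalise, then compare. Backslashes become
    separators (Windows hosts), NUL bytes are rejected, and the containment
    test uses root + '/' so that '/reports2/x' is not treated as a child of
    '/reports'.
    """
    decoded = decode_path(requested).replace("\\", "/")
    if "\x00" in decoded:
        return None
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    root_norm = posixpath.normpath(root)
    if candidate == root_norm or candidate.startswith(root_norm + "/"):
        return candidate
    return None


REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+)')


def flag_traversal_requests(log_lines, root=DOC_ROOT):
    """Scan access-log lines and return (line_no, decoded_target) for every
    request whose file= parameter would resolve outside root. Useful for
    finding probes against an unpatched viewer in historical logs."""
    hits = []
    for line_no, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = m.group(1)
        query = url.split("?", 1)[1] if "?" in url else ""
        params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
        target = params.get("file")
        if target is not None and resolve_under_root(root, target) is None:
            hits.append((line_no, decode_path(target)))
    return hits


# Constructed log lines in a combined-log-like format; not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [08/Jun/2004:15:02:11 -0500] "GET /viewer/viewer.asp?file=Sales/Q1.rpt HTTP/1.1" 200 5120',
    '10.0.0.9 - - [08/Jun/2004:15:02:13 -0500] "GET /viewer/viewer.asp?file=..%2F..%2F..%2Fboot.ini HTTP/1.1" 200 311',
    '10.0.0.9 - - [08/Jun/2004:15:02:14 -0500] "GET /viewer/viewer.asp?file=%252e%252e/%252e%252e/web.config HTTP/1.1" 404 0',
    '10.0.0.9 - - [08/Jun/2004:15:02:15 -0500] "GET /viewer/viewer.asp?file=..\\..\\winnt\\win.ini HTTP/1.1" 200 98',
    '10.0.0.7 - - [08/Jun/2004:15:02:20 -0500] "GET /viewer/viewer.asp?file=Finance/2004/Budget.rpt HTTP/1.1" 200 8800',
]

if __name__ == "__main__":
    for line_no, target in flag_traversal_requests(SAMPLE_LOG):
        print(f"line {line_no}: traversal attempt -> {target!r}")
```

Run stand-alone it reports lines 2, 3 and 4 of the sample log; the two legitimate report requests pass. The same resolve_under_root check, applied to whatever parameter a viewer uses to select a file, is the fix the vendor patch has to implement in some form; the detector is only a way to see whether anyone tried it against you before the update went on.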