PT-2014-04: Single Sign-On Vulnerability in Nixu Namesurfer

Vulnerable software
Nixu Namesurfer
Version: 7.2.2 and earlier
Link: http://www.nixusoftware.com/our_products_ipam.html

Severity level
Severity level: High
Impact: Unauthorized Access
Access Vector: Remote
CVSS v2:
Base Score: 9.0
Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVE: not assigned

Software description
Nixu Namesurfer implements a unified system for managing DNS servers via a web interface.

Vulnerability description
The specialists of the Positive Research Center have detected a Single Sign-On vulnerability in Nixu Namesurfer.
All services used by the Nixu Namesurfer software (PostgreSQL, Apache) run under the same user account. Therefore, a weakness in one of the services affects all of them. For example, an "arbitrary file reading" vulnerability in the web server would also allow an attacker to read the DB file and obtain the records of a DB table.

How to fix
Update your software to the latest version.

Advisory status
16.01.2014 - Vendor gets vulnerability details
14.03.2014 - Vendor releases fixed version and details
27.03.2014 - Public disclosure

Credits
The vulnerability was detected by Alexey Osipov, Alexander Tlyapov, and Valentin Shilnenkov, Positive Research Center (Positive Technologies Company).

References
http://en.securitylab.ru/lab/PT-2014-04
Reports on the vulnerabilities previously discovered by Positive Research:
http://www.ptsecurity.com/research/advisory/
http://en.securitylab.ru/lab/
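The root cause described above is a missing privilege boundary: the web server and the database share one OS account, so a file-read bug in one exposes the other's data. The following audit script is an added example (not part of the advisory or of the Nixu product) that a defender can run on a host to flag accounts under which more than one distinct service runs; the account name "namesurfer" in the sample input is a constructed value, not one taken from the advisory.

```shell
#!/bin/sh
# Audit helper: detect OS accounts shared by several services.
# Input format: one "user command" pair per line, as printed by
#   ps -eo user=,comm=
# Output: one line per account that runs more than one distinct
# command, e.g. "namesurfer: postgres httpd". No output means every
# listed service has its own account.
shared_accounts() {
    awk '
    {
        user = $1; svc = $2
        # Count each (user, service) pair once, even if the service
        # has many worker processes.
        if (!((user, svc) in seen)) {
            seen[user, svc] = 1
            n[user]++
            svcs[user] = svcs[user] " " svc
        }
    }
    END {
        for (u in n)
            if (n[u] > 1) printf "%s:%s\n", u, svcs[u]
    }' | sort
}

# Constructed sample (hypothetical host): the web server and the DB run
# as one account, while sshd has its own. Returns 1 if sharing is found.
sample_audit() {
    out=$(printf 'namesurfer postgres\nnamesurfer httpd\nnamesurfer postgres\nroot sshd\n' | shared_accounts)
    printf '%s\n' "$out"
    [ -z "$out" ]
}

# Run against the live process table only when asked explicitly.
if [ "${1-}" = "--live" ]; then
    ps -eo user=,comm= | shared_accounts
fi
```

Invoke the script with `--live` to audit the current host; a line for the account that runs both the web server and PostgreSQL reproduces the condition this advisory describes.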