SQL Injection Vulnerability Fixed in Orbit Open Ad Server


Serious vulnerability found in Orbit Open Ad Server

Security researchers from High-Tech Bridge have identified an SQL Injection vulnerability in the Orbit Open Ad Server, a popular open-source ads server, that could have been leveraged to compromise websites running vulnerable installations.

The issue was discovered in mid-March. OrbitScripts LLC fixed the vulnerability shortly after being notified. The security hole has been addressed with the release of Orbit Open Ad Server 1.1.1.

Version 1.1.0 and probably prior variants are impacted, which is why users are advised to update their installations as soon as possible.

According to the advisory published by High-Tech Bridge on Wednesday, the flaw (CVE-2014-2540) can be exploited to launch SQL Injection attacks, alter SQL requests to the databases, and possibly even to gain control of impacted sites.

The security company’s CEO Ilia Kolochenko has told SecurityWeek that the vulnerability is “high risk.” While it might be a bit tricky to exploit, due to the fact that it’s a blind SQL Injection, the vulnerability can be leveraged by experienced hackers.

While OrbitScripts has fixed the security hole, there could be a lot of third-party services that use vulnerable versions of the application to manage ads. Cybercriminals can leverage these websites for malvertising attacks.

While there’s no evidence that the flaw has been exploited in the wild, it could have been.

You can download Orbit Open Ad Server, the latest version, from Softpedia. A proof-of-concept for this Orbit Open Ad Server vulnerability is available on High-Tech Bridge’s website.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s