usd-2018-0016 | Lexware Professional 2017/17.02

Advisory ID: usd-2018-0016
CVE Number: N/A
Affected Product: Lexware Professional 2017
Affected Version: 17.02
Vulnerability Type: Denial of Service
Security Risk: High
Vendor URL: https://shop.lexware.de/reisekosten-abrechnung
Vendor Status: Fixed

Description

A Denial of Service (DoS) attack aims to make a resource (site, application, server) unavailable for the purpose it was designed for. There are many ways to make a service unavailable to legitimate users, among them manipulating network packets or exploiting programming, logic, or resource-handling vulnerabilities. If a service receives a very large number of requests, it may cease to be available to legitimate users. In the same way, a service may stop if a programming vulnerability, or a flaw in the way the service handles the resources it uses, is exploited.

Sometimes the attacker can inject and execute arbitrary code while performing a DoS attack in order to access critical information or execute commands on the server.
Denial-of-service attacks significantly degrade the service quality experienced by legitimate users. These attacks introduce large response delays, excessive losses, and service interruptions, resulting in direct impact on availability.

As stressed in the advisories usd-2018-0013, usd-2018-0014 and usd-2018-0015, the application client offers no way to change the default database connection credentials. Consequently, any change to the encrypted password effectively prevents clients from connecting to the database, resulting in an effective DoS.
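The following Python model is an added illustration written for this page; it is not Lexware code and makes no claim about the product's actual database or protocol. It contrasts a client whose database credentials are a fixed built-in constant with a client that requires credentials provisioned per installation, and shows what a password rotation does to each: the built-in client has no way to follow the change and loses access entirely, which is the availability impact described above. All user names and passwords in it are constructed placeholders.

```python
"""Model of the credential-handling flaw described in this advisory
(added illustration, not Lexware code): a client that ships with a fixed
default database password cannot follow a password change, so rotating
the database password denies service to every such client."""

from dataclasses import dataclass, field
import hashlib
import hmac
import secrets

ITERATIONS = 50_000  # PBKDF2 work factor for the toy server below


class ConfigurationError(Exception):
    """Raised when a client is started without operator-supplied credentials."""


@dataclass
class DatabaseServer:
    """Minimal stand-in for the database: stores a salted password hash per user."""
    _users: dict = field(default_factory=dict)

    def set_password(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        self._users[user] = (salt, digest)

    def authenticate(self, user: str, password: str) -> bool:
        if user not in self._users:
            return False
        salt, digest = self._users[user]
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        return hmac.compare_digest(candidate, digest)


# Vulnerable pattern: credentials are baked into the client and nothing in
# the client's configuration can override them (constructed placeholder values).
BUILT_IN_CREDENTIALS = ("app_user", "factory-default")


def connect_with_builtin_credentials(server: DatabaseServer) -> bool:
    """Client that always presents the compiled-in default credentials."""
    user, password = BUILT_IN_CREDENTIALS
    return server.authenticate(user, password)


def connect_with_configured_credentials(server: DatabaseServer, config: dict) -> bool:
    """Hardened pattern: the client refuses to start without credentials
    provisioned for this installation, and has no fallback default."""
    user = config.get("db_user")
    password = config.get("db_password")
    if not user or not password:
        raise ConfigurationError("database credentials must be provisioned per installation")
    return server.authenticate(user, password)


def simulate_rotation(num_clients: int = 3) -> tuple:
    """Rotate the database password and count how many clients of each kind
    can still connect before and after. Returns (before, after) dicts."""
    server = DatabaseServer()
    server.set_password("app_user", "factory-default")
    # Per-installation configuration files, initially holding the same value.
    configs = [{"db_user": "app_user", "db_password": "factory-default"}
               for _ in range(num_clients)]

    before = {
        "builtin": sum(connect_with_builtin_credentials(server) for _ in range(num_clients)),
        "configured": sum(connect_with_configured_credentials(server, c) for c in configs),
    }

    new_password = secrets.token_urlsafe(24)
    server.set_password("app_user", new_password)
    # Operators can update per-installation configuration after a rotation;
    # they cannot change the constant compiled into the built-in client.
    for c in configs:
        c["db_password"] = new_password

    after = {
        "builtin": sum(connect_with_builtin_credentials(server) for _ in range(num_clients)),
        "configured": sum(connect_with_configured_credentials(server, c) for c in configs),
    }
    return before, after


if __name__ == "__main__":
    print(simulate_rotation())  # ({'builtin': 3, 'configured': 3}, {'builtin': 0, 'configured': 3})
```

The hardened client fails closed on missing configuration rather than silently falling back to a shared default, which is the behaviour the Fix section asks for: with no built-in credentials, a password change can be rolled out to each installation instead of locking every client out.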

Proof of Concept

A sample screenshot is provided to enhance the ease of understanding.

Fix

The default database credentials should be removed from the application.

Credits

This security vulnerability was found by Sebastian Puttkammer of usd AG.

ABOUT usd SECURITY ADVISORIES

In order to protect businesses against hackers and criminals, we always have to keep our skills and knowledge up to date. Thus, security research is just as important for our work as is building up a security community to promote the exchange of knowledge. After all, more security can only be achieved if many individuals take on the task.

Our CST Academy and our usd HeroLab are essential parts of our security mission. We share the knowledge we gain in our practical work and our research through training courses and publications. In this context, the usd HeroLab publishes a series of papers on new vulnerabilities and current security issues.

Always for the sake of our mission: „more security.“

In accordance with usd AG’s Responsible Disclosure Policy, all vendors have been notified of the existence of these vulnerabilities.

Disclaimer

The information provided in this security advisory is provided „as is“ and without warranty of any kind. Details of this security advisory may be updated in order to provide as accurate information as possible.