How can IRM help us?

Make our business PCI compliant
How can IRM help us make our business PCI compliant?

As one of the leading independent providers of information security consultancy and security testing services, IRM's PCI DSS services have helped several businesses with their compliance roadmap.

Like to know more?

Use the links below to view more information about the services discussed above.
Write code securely
How can IRM help us to write code securely?

How secure your code is depends on how security aware your development team is. IRM’s Secure Development Training exposes your developers to common application layer vulnerabilities and explains how they manifest in various development platforms.

Combine this with an ongoing code review process and it will highlight areas for improvement that can be fed back into the development cycle.

Like to know more?

Use the links below to view more information about the services discussed above.
- Secure Development Training
- Security Code Review
Assess the security of our new e-commerce platform
How can IRM help us assess the security of our new e-commerce platform?

Assessing the security of your business application depends on its development phase. The design should be reviewed early on in the project to ensure critical security requirements will be fulfilled and to weed out any glaring issues that could slip into production.

At development time, proactive identification of vulnerabilities via code review will cut costs associated with fixing defects in production. Finally, testing before going live is indispensable in ensuring the application provides a safe and secure environment for your customers and your business.

Like to know more?

Use the links below to view more information about the services discussed above.
Identify security bugs in our new product
How can IRM help us Identify security bugs in our new product?

IRM’s Product Security Review service exposes your product to all the necessary and rigorous processes you need to ship a secure release.

Like to know more?

Use the links below to view more information about the service discussed above.
- Product Security Review
Review the security of our new infrastructure project
How can IRM help us review the security of our new infrastructure project?

IRM’s infrastructure security services can assist you in reviewing the design and configuration followed by penetration testing of your business critical systems to ensure they are secure and sufficiently hardened.

Like to know more?

Use the links below to view more information about the services discussed above.
Implement a security management process
How can IRM help us implement a security management process?

From assessing the effectiveness of your information security processes to carrying out risk assessments of mature business environments, IRM consultants are equipped with the right tools and experience to generate a holistic view of the state of security in your organisation.

Like to know more?

Use the links below to view more information about the services discussed above.
- Information Security Health Check
- Risk Assessment
Confirm our security policy is being enforced
How can IRM help us confirm our security policy is being enforced?

IRM’s NetFACTS offering is a highly customizable service that reviews your fair use policies and translates them into software rules against which all network traffic is matched to identify deviations and policy violations.

Like to know more?

Use the links below to view more information about the service discussed above.
- NetFACTS
Manage a security breach
How can IRM help us manage a security breach?

The key to managing a security incident is timely identification and response. IRM’s Incident Response service coupled with our Digital Forensics capabilities has helped organisations detect, contain and eradicate incident sources for mission critical systems especially systems surrounding payment card data.

Once eradication is completed, our NetFACTS probes can be customized and deployed during the recovery and follow up phases to monitor and detect potential remnants of the incident.

Like to know more?

Use the links below to view more information about the services discussed above.

Upcoming Events

Need information quickly?

Multiple Vulnerabilities in Infovista Portal SE

Multiple Vulnerabilities in Infovista Portal SE

Vulnerability Type / Importance: Directory Traversal / High and Information Leak / Low

Problem Discovered: January 20th 2006
Vendor Contacted: January 20th 2006
Advisory Published: February 21st 2006

Abstract:
VistaPortal enables secure, browser-based access to service-centric performance information. The easy implementation, display and design of Portal-based dashboards and reports give accurate visibility into the performance of the entire global IT infrastructure. VistaPortal allows users to simultaneously view Key Performance Indicators (KPIs), real-time performance notifications and strategic business information, from which users can drill down to related real-time and historical reports residing in VistaMart, the InfoVista Server and VistaTroubleshooter. VistaPortal delivers rich, interactive content within a standards-based, open architecture that allows seamless integration with existing applications and easy incorporation of information into other Web Portals. (http://www.infovista.com/products/product_list.asp#vistaportal)

Description:
PortalSE allows a remote attacker to read any file on the filesystem as it runs with root privileges by default. It is also susceptible to a directory revelation issue.

Technical Details:
During a recent research engagement IRM found multiple vulnerabilites in the Infovista PortalSE software. Using specially crafted URLs it is possible to read any file on the filesystem. This is due to the product running with super-user privileges so it is possible to gain the system's password hashes.

Additionally, when selecting a non-existent server in the server field then the response reveals a full directory path, which can be useful to an attacker in fingerprinting the underlying operating system and directory structure:



An error occured while accessing the report '<nonexistentserver>_31457':

No Such Report Generated For You 

[-] Hide details 

/opt/InfoVista/PortalSE/files/default/<nonexistentserver>/31457/report.html

(No such file or directory)

java.io.FileNotFoundException:

/opt/InfoVista/PortalSE/files/default/<nonexistentserver>/31457/report.html

(No such file or directory)

Vendor & Patch Information:
The vendor has released a hotfix for the directory traversal issue (IV00038969) which should be applied. The vendor does not deem the information leakage of the directory path an issue and has not released a hotfix for this.

Tested Versions:
PortalSE 2.0 Build 20087 on Solaris 8

Credits:
Research & Advisory: P Robinson

Disclaimer:
All information in this advisory is provided on an 'as is' basis in the hope that it will be useful. Information Risk Management Plc is not responsible for any risks or occurrences caused by the application of this information.

How can IRM help us?

How can IRM help us make our business PCI compliant?

Like to know more?

How can IRM help us to write code securely?

Like to know more?

How can IRM help us assess the security of our new e-commerce platform?

Like to know more?

How can IRM help us Identify security bugs in our new product?

Like to know more?

How can IRM help us review the security of our new infrastructure project?

Like to know more?

How can IRM help us implement a security management process?

Like to know more?

How can IRM help us confirm our security policy is being enforced?

Like to know more?

How can IRM help us manage a security breach?

Like to know more?

Upcoming Events

Need information quickly?

Multiple Vulnerabilities in Infovista Portal SE