PT-2011-10: Abritrary Files Loading in ManageEngine ServiceDesk Plus 8.0 Vulnerable softwareManageEngine ServiceDesk Plus Version: 8.0 and earlierApplication link: http://www.servicedeskplus.comSeverity levelSeverity level: High Impact: Arbitrary Code Execution Access Vector: Remote CVSS v2: Base Score: 8.5 Vector: (AV:N/AC:M/Au:S/C:C/I:C/A:C)CVE: not assign Software description ManageEngine ServiceDesk Plus is a technical support and assests management system.Vulnerability descriptionThe specialists of the Positive Research center have detected "Abritrary Files Loading" vulnerability in ManageEngine ServiceDesk Plus.Insufficient CSV file input filtering in user import script allows attackers with guest privileges (account guest/guest) overwrite an arbitrary file in bin folder in ServiceDesk application via TP POST request. This vulnerability allows attackers to overwrite the script that starts and stops applciations that lead to arbitrary code execution as application is started or stopped.How to fix Update your software up to the latest versionAdvisory status 24.06.2011 - Vendor is notified 28.06.2011 - Vendor gets vulnerability details 23.04.2012 - Vendor releases fixed version and details 13.09.2012 - Public disclosureCreditsThe vulnerability has discovered by Alexander Zaitsev, Positive Research Center (Positive Technologies Company)Referenceshttp://en.securitylab.ru/lab/PT-2011-10 Reports on the vulnerabilities previously discovered by Positive Research:http://ptsecurity.com/research/advisory/ http://en.securitylab.ru/lab/