From: Joao Gouveia (tharbad_at_kaotik.org)
Date: Thu Oct 17 2002 - 12:33:52 CDT
Hello,
I once did, as part of a blind test, some hammering on a Siebel Web Engine.
At the time, I found some 'critical' situations which I've reported to the
vendor. To be honest, I don't know if this has been fixed or not, this was
reported in April this year.
I am pasting this information from the notes I have here, forgive me if this
is not totally accurate:
Faulty request:
<quote>
start.swe?SWEMethod=Drilldown&SWEApplet=<applet>&SWEView=<view>SWEApcn=1&SWEField=l_FAQSWECmd=InvokeMethod&SWECount=12&SWERowIds=SWERowId0%3d1-MZ4<large string>
</quote>
From my 'side' (the client), the consequences were:
1. Response to the 'attack' request: "Internal Error. Encountered an
unexpected exception."
2. Response from a normal request after that: "Unable to access SOM user to
process this request. This server is too busy to process any more requests
at the moment."
3. Response from another normal request after: "System session cannot be
started. If the problem persists, ask your systems administrator to make
sure that the application is started, and check the application
configuration, including database and anonymous user settings."
As this was part of a blind test, I have no clue on what really were the
consequences on the server side.
The only information I have been allowed was, and quoting the sysadmin
( this is a translation, not necessarily correct :-) ):
" You may stop this now! You're making our production database spitting fire
and smoke!"
So, I would guess that it was a database related problem :-)
Best regards,
Joao Gouveia
--------------
tharbad
kaotik.org
----- Original Message -----
From: "Kevin Wharram" <kevin.wharram_at_extraprise.com>
To: <vuln-dev_at_securityfocus.com>
Sent: Thursday, October 17, 2002 2:29 PM
Subject: Application Vulnerability Analysis
>
>
> All,
>
> I would like to do a vulnerability analysis on the Siebel (CRM)
> application, does anyone have documentation or information that I can get
> on how to do one.
>
>
> Kevin
>
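
Added example, not part of the original post: a log check that flags `start.swe` requests carrying an oversized parameter value, like the large string appended to `SWERowIds` in the request above. It assumes Common Log Format access logs and a 256-character limit; the log lines, client addresses and `/callcenter/` path are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

MAX_VALUE_LEN = 256  # assumed limit; the post does not give the string's length

# Common Log Format: client, timestamp, "METHOD target PROTOCOL", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')

def oversized_swe_params(target, limit=MAX_VALUE_LEN):
    """Return [(param, decoded_length)] for start.swe values longer than limit."""
    url = urlsplit(target)
    if not url.path.endswith("/start.swe"):
        return []
    pairs = parse_qsl(url.query, keep_blank_values=True)
    return [(name, len(value)) for name, value in pairs if len(value) > limit]

def scan(lines, limit=MAX_VALUE_LEN):
    """Return (client, status, findings) for every log line with a finding."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a parsable access-log line
        findings = oversized_swe_params(m.group(2), limit)
        if findings:
            hits.append((m.group(1), int(m.group(3)), findings))
    return hits

# Constructed sample log: one oversized SWERowIds value, one normal request,
# and one long value on an unrelated path that must be ignored.
SAMPLE_LOG = [
    '192.0.2.10 - - [17/Oct/2002:12:00:01 -0500] "GET /callcenter/start.swe'
    '?SWEMethod=Drilldown&SWECount=12&SWERowIds=SWERowId0%3d1-MZ4'
    + "A" * 1000 + ' HTTP/1.0" 500 312',
    '192.0.2.11 - - [17/Oct/2002:12:00:05 -0500] "GET /callcenter/start.swe'
    '?SWECmd=GotoView&SWEView=Home HTTP/1.0" 200 5120',
    '192.0.2.12 - - [17/Oct/2002:12:00:09 -0500] "GET /search?q='
    + "B" * 400 + ' HTTP/1.0" 200 800',
]

if __name__ == "__main__":
    for client, status, findings in scan(SAMPLE_LOG):
        print(client, status, findings)
```

Lengths are measured after URL decoding, so the `%3d` in `SWERowIds` counts as a single character.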