CVE-2011-4970

Name of the Vulnerable Software and Affected Versions LCG Disk Pool Manager (DPM) versions prior to 1.8.6

Description The issue allows remote attackers to execute arbitrary SQL commands via vulnerable variables in several functions. The affected variables include r token, surl, to surl, u token, and s token in various functions such as dpm get pending req by token, dpm get cpr by surl, dpm get cpr by surls, and others. Additionally, remote administrators can execute arbitrary SQL commands via the poolname variable in functions like dpm get pool entry and dpm insert fs entry.

Recommendations For LCG Disk Pool Manager (DPM) versions prior to 1.8.6, update to version 1.8.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable functions and variables until a patch is applied. Avoid using the vulnerable variables r token, surl, to surl, u token, s token, and poolname in the affected API endpoints until the issue is resolved.