Salesboom.com Says SugarCRM Goes Sour with Major Security Flaw Exposing Customer Data

Salesboom.com (http://www.salesboom.com), industry-leading provider of hosted CRM, SFA, ERP and CLM solutions, today revealed a security exploit present in the SugarCRM open source hosted CRM software product. The security exploit present in the flawed open source software exposes sometimes sensitive customer data to anyone with access to an Internet connection, and requires absolutely no login authentication to display the information. While Salesboom will not be exposing this exploit to the general public to protect SugarCRM customers' data integrity, it acknowledges that this type of security hole is even more dangerous in an open source software environment, as there could be developers in the community who already have taken note of the exploit and plan to use it maliciously.

"The security exploit present exposes sometimes sensitive customer data to anyone with access to an Internet connection, and requires absolutely no login authentication to display the information," said Rod Gillis, a developer with Salesboom.com.

"Many hosted CRM buyers were concerned about the potential security issues in both a hosted CRM and an open-source environment to begin with," commented Rami Hamodah, Salesboom President and Co-Founder. "This just confirms that their suspicions were correct. I'm not going to reveal what the security exploit is to the general public for obvious reasons, but we will be trying to work with SugarCRM directly to get this cleared up for their customers as soon as possible. We've had customers migrate from the open source SugarCRM over to Salesboom in the past because of security concerns, and I'm sure we'll continue well after this exploit is addressed. Businesses want a secure, reliable product, and that's what they deserve. Salesboom delivers that."

The security hole allows any unauthenticated user with basic levels of technology expertise to access any number of critical data within the SugarCRM system, including sales information and customer information amongst others. This data is easily accessible to anyone, whether or not they are logged into the SugarCRM system.

For more information on the Salesboom.com suite of hosted CRM software solutions, interested parties are asked to contact the Salesboom sales department at sales@salesboom.com or toll free at 1.877.CRM.SALE. More information is available at http://www.salesboom.com.

Related Articles

• Sun Dominates Data Warehousing on the UNIX Platform
  17 September 2005



• Segue Extends SilkTest Functional Testing Support to Linux and UNIX Platforms
  16 September 2005



• Optaros Announces SugarCRM Partnership; Focus on Planning, Integrating, and Implementing New Sugar Enterprise Edition
  13 September 2005



• Joseph D Takes Over UNIX Administration Position Based On McKenzie Scott's Recommendations
  28 August 2005



• FreeBSD Unix Training to be held in September in Phoenix, AZ
  27 August 2005



• PassGo Technologies' UNIX Privilege Manager awarded "Recommended" rating by SC Magazine
  22 August 2005



• Quest Software Unveils Its Strategy for Unix, Linux, Windows Cross-Platform Infrastructure Management
  18 August 2005



• SugarCRM Expands CRM Portfolio with Sugar Enterprise Edition
  16 August 2005



• VShell Server for UNIX
  15 August 2005



• Centrify Ships DirectControl 2.0, Delivers Enterprise-Class Security and Management for UNIX, Linux and Mac
  10 August 2005



• Tripwire Broadens Infrastructure Coverage With Tripwire Enterprise For Unix, Linux And Solaris
  14 July 2005



• O'Reilly Releases "Learning Unix for Mac OS X Tiger"
  12 July 2005



• Unix compatible script to sell products using the stormpay shopping system
  7 July 2005



• O'Reilly Releases "Mac OS X Tiger for Unix Geeks"
  28 June 2005



• New Fujitsu PRIMEPOWER UNIX Servers Feature Processors Exceeding 2 GHz
  20 May 2005