(Vendor Issues Fix) Re: bttlxeForum Input Validation Flaw in Login Process Lets Remote Users Gain Access Without Authenticating
|
|
SecurityTracker Alert ID: 1006636 |
|
CVE Reference: CAN-2003-0215
(Links to External Site)
|
Date: Apr 23 2003
|
Impact: User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Description: SAUDI_DEFACERZ reported an input validation vulnerability in the 'bttlexForum' forum software. A remote user can inject certaion SQL command characters to login to the system without authenticating.
It is reported that the software does not filter or validate user-supplied input to remove SQL command characters from the username
and password fields [and possibly other fields]. A remote user can reportedly supply the following password with no user name when
logging in to become authenticated by the system:
'or''='
|
Impact: A remote user can gain access to the application without authenticating.
|
Solution: The vendor has issued a fix:
http://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812
The vendor responded
rapidly to provide a fix:
23 April 2003, 14:43 UTC/GMT - Vendor notified
23 April 2003, 14:56 UTC/GMT - Vendor responded
23
April 2003, 16:03 UTC/GMT - Vendor posted fix
23 April 2003, 16:11 UTC/GMT - Vendor responded to indicate that a fix was available.
|
Vendor URL: www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812 (Links to External Site)
|
Cause: Input validation error
|
Underlying OS: Windows (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Wed, 23 Apr 2003 17:09:49 -0400
Subject: RE: vulnerability in your software (bttlxeForum)
|
A fix has been made, tested by some of the beta testers, and released to
the public at this address:
http://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812
|
|
