Online Solutions for Educators Input Validation Hole Permits SQL Injection
|
|
SecurityTracker Alert ID: 1014072
|
|
SecurityTracker URL: http://securitytracker.com/id?1014072
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: May 28 2005
|
Impact: Disclosure of system information, Disclosure of user information, User access via network
|
Exploit Included: Yes
|
Description: Romty (Morteza Panahi) reported a vulnerability in Online Solutions for Educators. A remote user can inject SQL commands.
The 'login.asp' script does not properly validate user-supplied input in the 'password' parameter. A remote user can supply a specially
crafted parameter value to execute SQL commands on the underlying database. This can be exploited, for example, to gain administrative
access to the application.
A demonstration exploit value is provided:
Password= ' or ''='
The original advisory is available
at:
http://www.under9round.com/os4e.txt
|
Impact: A remote user can execute SQL commands on the underlying database. This can be exploited to gain administrative access on the application.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: os4e.com (Links to External Site)
|
Cause: Input validation error
|
Underlying OS: Windows (Any)
|
Reported By: Dj romty <rromtyy@gmail.com>
|
Message History:
None.
|
Source Message Contents
|
Date: Sat, 28 May 2005 03:07:48 +0430
From: Dj romty <rromtyy@gmail.com>
Subject: os4e password SQL injection
|
--------------------------------------------------------------------------------------------
ADVISORY INFORMATION
--------------------------------------------------------------------------------------------
Software Package :os4e
Vendor Homepage :http://os4e.com
Platforms :Windows Base Server
Vulnerability :Sqlinjection
Risk :High!
Vulnerable Versions :os4e
--------------------------------------------------------------------------------------------
SUMMARY
--------------------------------------------------------------------------------------------
os4e is a free web relation manager tool released by os4e.com
by using this portal you can easily manage the relations between
students and the teachers
--------------------------------------------------------------------------------------------
EXPLOIT
--------------------------------------------------------------------------------------------
Password= ' or ''='
This Is The Login File>>> login.asp
By Using This password you will be taken to admin control panel and
the Admin management board
--------------------------------------------------------------------------------------------
HOME PAGE
--------------------------------------------------------------------------------------------
Http://www.under9round.com
--------------------------------------------------------------------------------------------
SOLUTION
--------------------------------------------------------------------------------------------
Contact Me At: udnst@yahoo.com
--------------------------------------------------------------------------------------------
GREETINGS
--------------------------------------------------------------------------------------------
Specilal Greetz To My Beche + Friend ke az emshab saat 10 shod becheh
- Last-Samurai And All Under9round Digital Security Members
--------------------------------------------------------------------------------------------
CEREDITS
--------------------------------------------------------------------------------------------
Discovered By Romty (Morteza Panahi)
--------------------------------------------------------------------------------------------
REFERENCES
--------------------------------------------------------------------------------------------
http://www.under9round.com/os4e.txt
++++++++++++++++++++< UNDER9ROUND DIGITAL SECURITY TEAM >
-- sh4wsh4nk Redemption
|
|
