(Vendor Issues Fix) Re: bttlxeForum Input Validation Flaw in Login Process Lets Remote Users Gain Access Without Authenticating
|
|
SecurityTracker Alert ID: 1006636 |
|
SecurityTracker URL: http://securitytracker.com/id/1006636
|
|
CVE Reference:
CVE-2003-0215
(Links to External Site)
|
Date: Apr 23 2003
|
Impact:
User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
SAUDI_DEFACERZ reported an input validation vulnerability in the 'bttlxeForum' forum software. A remote user can inject certain SQL command characters to login to the system without authenticating.
It is reported that the software does not filter or validate user-supplied input to remove SQL command characters from the username and password fields [and possibly other fields]. A remote user can reportedly supply the following password with no user name when logging in to become authenticated by the system:
'or''='
|
Impact:
A remote user can gain access to the application without authenticating.
|
Solution:
The vendor has issued a fix:
http://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812
The vendor responded rapidly to provide a fix:
23 April 2003, 14:43 UTC/GMT - Vendor notified
23 April 2003, 14:56 UTC/GMT - Vendor responded
23 April 2003, 16:03 UTC/GMT - Vendor posted fix
23 April 2003, 16:11 UTC/GMT - Vendor responded to indicate that a fix was available.
|
Vendor URL: www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812 (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
Windows (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Wed, 23 Apr 2003 17:09:49 -0400
Subject: RE: vulnerability in your software (bttlxeForum)
|
A fix has been made, tested by some of the beta testers, and released to
the public at this address:
http://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812
|
|
