Full Disclosure mailing list archives
Multiple SQL Injection Vulnerabilities in DeskPRO
From: Aviram Jenik <aviram () beyondsecurity com>
Date: Mon, 20 Oct 2003 19:56:05 +0200
Multiple SQL Injection Vulnerabilities in DeskPRO
-------------------------------------------------------------------------
Article reference: http://www.securiteam.com/unixfocus/6R0052K8KM.html

SUMMARY

DeskPRO (http://www.deskpro.com) is "an integrated script to manage your customer sales and support". The DeskPRO product uses a SQL engine (MySQL) to store information. The product contains multiple pages that do not adequately filter out user-provided data, allowing a remote attacker to insert malicious SQL statements into existing ones.

DETAILS

Vulnerable systems:
 * DeskPRO version 1.1.0 and prior

Immune systems:
 * DeskPRO version 1.1.2

Examples:
http://vulsite.com/deskpro_v1/faq.php?cat=45'
http://vulsite.com/deskpro_v1/faq.php?article=105'
http://vulsite.com/deskpro_v1/view.php?ticketid=1'&ticket_pass=

The vulnerability is better emphasized by the fact that a remote attacker can log on to the system with the administrator username without knowing the password by entering the following information in the logon screen:

Email: admin
Password: 'or''='

Vendor response:
On the 21st of Sep 2003 this issue was reported to DeskPRO; the following reply was received on the same day:
"Thank you for the notification, we will have a fix within 24 hours. We appreciate keeping the information out of the public domain until we have had time to fix and release a patch."

On the 2nd of Oct 2003, after the majority of their customers had patched the issue, we decided to release this advisory.

The information has been provided by SecurITeam Experts <expert () securiteam com>.

--
Aviram Jenik
Beyond Security Ltd.
http://www.BeyondSecurity.com
http://www.SecuriTeam.com
Know that you're safe: http://www.AutomatedScanning.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
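The bug class behind the advisory, reproduced as an added example that is not DeskPRO's code and not part of the original post. It uses an in-memory SQLite database in place of DeskPRO's MySQL backend; the table layout, column names and the shape of the login and faq queries are assumptions chosen to mirror what the advisory describes (a quoted email/password comparison and an unquoted numeric category), not the product's actual queries. The vulnerable functions build SQL by string concatenation, which is why the password 'or''=' turns the login check into a tautology and why a trailing quote in faq.php?cat=45' produces a SQL syntax error; the fixed variants bind parameters and validate the numeric input.

```python
import sqlite3


def make_db():
    """Constructed stand-in for the help-desk database (assumed schema, sample rows)."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password TEXT)")
    con.execute("INSERT INTO users (email, password) VALUES ('admin', 's3cret-not-guessable')")
    con.execute("INSERT INTO users (email, password) VALUES ('user@example.com', 'hunter2')")
    con.execute("CREATE TABLE faq (cat INTEGER, article INTEGER, title TEXT)")
    con.execute("INSERT INTO faq VALUES (45, 105, 'How do I reset my password?')")
    con.commit()
    return con


def login_vulnerable(con, email, password):
    """Login check built by concatenation: the advisory's bug class.

    With password = 'or''=' the statement becomes
      ... WHERE email = 'admin' AND password = ''or''=''
    which SQL parses as (email='admin' AND password='') OR (''='') and the
    OR branch is always true, so the first user row (admin here) is returned.
    """
    sql = ("SELECT email FROM users WHERE email = '" + email +
           "' AND password = '" + password + "'")
    row = con.execute(sql).fetchone()
    return row[0] if row else None


def login_fixed(con, email, password):
    """Same lookup with bound parameters: the quotes in the input stay data."""
    row = con.execute(
        "SELECT email FROM users WHERE email = ? AND password = ?",
        (email, password)).fetchone()
    return row[0] if row else None


def faq_lookup_vulnerable(con, cat):
    """Unfiltered GET parameter spliced into a numeric comparison (faq.php?cat=...).

    A trailing quote, as in the advisory's cat=45' probe, leaves an unterminated
    string literal and the database raises a syntax error instead of answering.
    """
    try:
        return con.execute("SELECT title FROM faq WHERE cat = " + cat).fetchall()
    except sqlite3.OperationalError as exc:
        return "SQL error: " + str(exc)


def faq_lookup_fixed(con, cat):
    """Validate that the category really is an integer, then bind it."""
    try:
        cat_id = int(cat)
    except ValueError:
        return "rejected: category must be numeric"
    return con.execute("SELECT title FROM faq WHERE cat = ?", (cat_id,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    bypass = "'or''='"
    print("vulnerable login as admin with bypass:", login_vulnerable(db, "admin", bypass))
    print("fixed login with bypass:", login_fixed(db, "admin", bypass))
    print("fixed login with real password:", login_fixed(db, "admin", "s3cret-not-guessable"))
    print("vulnerable faq probe cat=45':", faq_lookup_vulnerable(db, "45'"))
    print("fixed faq probe cat=45':", faq_lookup_fixed(db, "45'"))
```

Note that the error returned by the vulnerable faq lookup is exactly the signal the advisory's URL probes look for: a single quote that changes the server's response (error page, empty result, different content) is evidence that the parameter reaches the query unescaped. The fixed login also shows why "filtering" is the wrong frame; binding the values means no character in the input needs to be stripped at all.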
Current thread:
- Multiple SQL Injection Vulnerabilities in DeskPRO Aviram Jenik (Oct 20)