Full Disclosure mailing list archives
Re: DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection
From: James Condron <james () zero-internet org uk>
Date: Thu, 8 Dec 2011 11:36:13 +0000
Well kids, There is a next to useless disclosure. Its is also customary to show some kind f timeline of your correspondence with the vendor. I swear to $deity we used to have standards here, On 7 Dec 2011, at 16:51, ddivulnalert wrote:
Title ----- DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection Severity -------- High Date Discovered --------------- November 18, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: sxkeebler and r@b13$ Vulnerability Description ------------------------- The KnowledgeTree login.php login page is vulnerable to a blind SQL injection vulnerability within the username field. An attacker can leverage this flaw to execute arbitrary SQL commands and extract sensitive information from the backend database using standard blind SQL exploitation techniques. Additionally, an attacker may be able to leverage this flaw to compromise the database server host OS. Solution Description -------------------- KnowledgeTree has released a patch which addresses the issue. The new source is available at: http://wiki.knowledgetree.org/Security_advisory:_KnowledgeTree_login.php_Blind_SQL_Injection Tested Systems / Software ------------------------- KnowledgeTree Version 3.7.0.2 (community edition) Vendor Contact -------------- Vendor Name: KnowledgeTree, Inc. Vendor Website: http://www.knowledgetree.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection ddivulnalert (Dec 08)
- Re: DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection James Condron (Dec 08)