Full Disclosure mailing list archives
[OPENX-SA-2008-002] OpenX 2.4.9 and 2.6.2 fix SQL injection vulnerability
From: Matteo Beccati <php () beccati com>
Date: Tue, 07 Oct 2008 18:58:45 +0200
======================================================================== OpenX security advisory OPENX-SA-2008-002 ------------------------------------------------------------------------ Advisory ID: OPENX-SA-2008-002 Date: 2008-Oct-06 Security risk: Moderately critical Applications affetced: OpenX Versions affected: <= 2.4.8, <= 2.6.1 Versions not affected: >= 2.4.9, >= 2.6.2 ======================================================================== ======================================================================== Vulnerability: Blind SQL injection in ac.php ======================================================================== Description ----------- A blind SQL injection vulnerability has recently been found by d00m3r4ng. The vulnerability affects the OpenX delivery engine, which does not require any kind of authentication. Input passed to the "bannerid" parameter in www/delivery/ac.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Solution -------- - Upgrade to OpenX 2.4.9 or 2.6.2 References ---------- - http://www.milw0rm.com/exploits/6655 - http://secunia.com/advisories/32114/ Timeline -------- 2008-Oct-02: the vulnerability was posted to the aforementioned security related website 2008-Oct-03: an OpenX user reported the link to our forums 2008-Oct-03: a quick patch for 2.6.x was released to mitigate the impact of exploits using the disclosed information 2008-Oct-04: a quick patch for 2.4.x was released to mitigate the impact of exploits using the disclosed information 2008-Oct-06: OpenX 2.6.2 was released 2008-Oct-07: OpenX 2.4.9 was released Contact informations ==================== The security contact for OpenX can be reached at: <security AT openx DOT org> -- Matteo Beccati OpenX - http://www.openx.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [OPENX-SA-2008-002] OpenX 2.4.9 and 2.6.2 fix SQL injection vulnerability Matteo Beccati (Oct 07)