File: 100000445.txt

package info (click to toggle)
snort 2.7.0-20.4
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 34,512 kB
  • ctags: 18,772
  • sloc: ansic: 115,404; sh: 10,893; makefile: 1,372; perl: 487; sql: 213
file content (61 lines) | stat: -rw-r--r-- 1,150 bytes parent folder | download | duplicates (4)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61


Rule:

--
Sid:
100000445

--
Summary:
Particle Gallery is susceptible to an injection attack due to a lack
of input validation on the imageid variable used in the viewimage.php
component.

--
Impact:
The injection attack could result in data leakage, or potential remote
compromise.

--
Detailed Information:
Particle Gallery is prone to an SQL-injection vulnerability. This issue is due
to a failure in the application to properly sanitize user-supplied input 
before using it in an SQL query. 

A successful exploit could allow an attacker to compromise the application,
access or modify data, or exploit vulnerabilities in the underlying database
implementation.

The data type assigned to the column referenced by the variable is int, so
there should never be any text or characters outside of the int used to
identify the image.

--
Attack Scenarios:
Variable manipulation can be done with any browser.

--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Edit code and add input validation.

--
Contributors:
Dan Ramaswami <danr@sourcefire.com>

-- 
Additional References:

--