File: 2078.txt

package info (click to toggle)
snort 2.7.0-20.4
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 34,512 kB
  • ctags: 18,772
  • sloc: ansic: 115,404; sh: 10,893; makefile: 1,372; perl: 487; sql: 213
file content (62 lines) | stat: -rw-r--r-- 968 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
Rule:

--
Sid:
2078

--
Summary:
HTTP.

--
Impact:
Data loss and disclosure of information.

--
Detailed Information:
A vulnerability exists such that a carefully crafted SQL query can be 
used by a malicious user that will delete all private messages for users
on the system.

The scripts do not perform detailed checking of SQL queries in some 
instances. This leaves the system vulnerable to SQL injection 
techniques.

--
Affected Systems:
	phpBB Group phpBB 2.0.3

--
Attack Scenarios:
The attacker can craft his own SQL query to be executed or use a known 
exploit for this vulnerability.

--
Ease of Attack:
Simple

--
False Positives:
None Known

--
False Negatives:
None Known

--
Corrective Action:
Upgrade to the latest non vulnerable version of phpBB.

--
Contributors:
Sourcefire Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

Bugtraq:
http://www.securityfocus.com/bid/6634

--