[SA24653] eWebquiz "QuizID" SQL Injection Vulnerability

Les derniers commentaires publiés sur SecuObs (1-5):

- ESRT @ITVulnerability - PeerSec MatrixSSL - Embedded SSL and TLS implementati - ESRT @packet_storm - Nux Keylogger 0.0.1 - ESRT @threatpost - New capabilities are strengthening the ZeuS botnet allowin - Wireshark Display Filters cheatsheet v2.0 - tcpdump cheatsheet v2.0 Les derniers commentaires publiés sur SecuObs (6-25) Tous les commentaires publiés sur SecuObs avant les 5 derniers

[Message Precedent sur la mailing][Message Suivant sur la mailing][Precedent dans le fil][Prochain dans le fil][Index par Date][Index par fil] [SA24653] eWebquiz "QuizID" SQL Injection Vulnerability

Want a new job? link://[click] Secunia is looking for new researchers with a reversing background and experience in writing exploit code: link://[click] link://[click] link://[click]

TITLE: eWebquiz "QuizID" SQL Injection Vulnerability

SECUNIA ADVISORY ID: SA24653

VERIFY ADVISORY: link://[click]

CRITICAL: Moderately critical

IMPACT: Manipulation of data

WHERE: From remote SOFTWARE: eWebquiz 8.x link://[click]

DESCRIPTION: ajann has reported a vulnerability in eWebquiz, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "QuizID" parameter in ewebquiz.asp is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 8. Other versions may also be affected.

SOLUTION: Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY: ajann

ORIGINAL ADVISORY: link://[click]

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: link://[click]

Definitions: (Criticality, Where etc.) link://[click]

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link.

Secunia NEVER sends attached files with advisories.

Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Precedent par Date: [SA24635] IDA Pro Remote Debugger Server Authentication Bypass Vulnerability
Suivant par Date: [SA24640] Active Newsletter "NewsPaperID" SQL Injection
Precedent par fil : [SA24635] IDA Pro Remote Debugger Server Authentication Bypass Vulnerability
Suivant par fil : [SA24640] Active Newsletter "NewsPaperID" SQL Injection
Index(s):
- Date
- Fil

Archives de la liste de diffusion Secunia
Archives de la liste de diffusion BugTraq
Archives de la liste de diffusion DailyDave
Archives de la liste de diffusion FunSec
Archives de la liste de diffusion Full Disclosure
Archives de la liste de diffusion Focus-IDS (FD)
Archives de la liste de diffusion Webappsec (FD)
Archives de la liste de diffusion Security-basics (FD)
Archives de la liste de diffusion Vulndiscuss
Archives de la liste de diffusion Vulnwatch

Les derniers commentaires publiés sur SecuObs (6-25):

- ESRT @virturity - Virtualization security assessment modules for Metasploit V - ESRT @opexxx - Meterpreter script for extracting information from Windows lnk - Update on Microsoft Security Advisory 981374 - SSD Tools Crack Passwords 100 Times Faster - phpMyAdmin version 3.3.0 suffers from a cross site scripting vulnerability - libcap-ng 0.6.3 - iScanner v0.4 released - Malicious codes scanner - A vulnerability in Apple Safari, caused by an integer overflow error in Color - CHScanner is an ARP, IPv4 and IPv6 network scanner with 31 scan methods - Burp Suite Tutorial The Intruder Tool - Skype - URI Handler Input Validation - OWASP CSRFTester Test Applications for CSRF - ESRT @MarioVilas @DidierStevens - Added shellcode to Tweet to my library - ESRT @ThisIsHNN @th3j35t3r - releases 2nd video of enhanced XerXeS attack - i - plecost v0.2.2-7 Beta Update - cookiemonster v1.6 - Automatic Reverse Engineering of Data Structures from Binary Execution - Samhain v2.6.3 Beltane v2.3.19 released - Social-Engineering Ninja v0.1 Beta - PHP scripts - Botan 1.9.4 Les cinq derniers commentaires publiés sur SecuObs Tous les commentaires publiés sur SecuObs avant les 25 derniers

SecuToolBox :

Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP aircrack + Ubiquiti (MadWifi) 300 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner + d'outils / + de tutoriels

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, exploit, windows, microsoft, réseau, attaque, outil, vulnérabilité, audit, système, virus, internet, données, présentation, linux, metasploit, bluetooth, protocol, vista, réseaux, shell, scanner, engineering, rootkit, wishmaster, trames, conférence, source, paquet, téléphone, mobile, sysun, noyau, rapport, botnet, téléphones, mémoire, https, navigateur, intel, patch, reverse, libre, scapy, securitech + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA38869 GNU Cpio rmt Buffer Overflow Vulnerability - SA38836 GNU Tar rmt Buffer Overflow Vulnerability - SA38908 Skype URI Handling /Datapath Vulnerability - SA38885 Ubuntu update for apache2 - SA38911 Drupal Monthly Archive by Node Type Module Security Bypass + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Full-disclosure Claude Mercier/CLSC-CHSLD BVLV/Reg03/SSSS est absent(e). - Re: Full-disclosure SecurityFocus to partially shut down - Full-disclosure 2nd CfP: ICCGI 2010 \|\| September 20-25, 2010 - Valencia, Spain - Full-disclosure SecurityFocus to partially shut down - Full-disclosure 2nd CfP: INTERNET 2010 \|\| September 20-25, 2010 - Valencia, Spain + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- USN-909-1 dpkg vulnerability - Skype URI Handler Input Validation - MDVSA-2010:060 squid - Vulnerabilities in Abton - Multiple vulnerabilities in SUPERAntiSpyware and Super Ad Blocker - SECURITY DSA 2011-1 New dpkg packages fix path traversal + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

vmware, security, virus, biometric, windows, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux, network, iphone, server, exploit, wimax, conficker, virtu, virtual, engineering, cisco, reverse, ettercap, wireshark, shmoocon, hacker, firewall, internet, knoppix, rootkit, arduino, conference, source, wireless, backtrack, openbsd, brucon, systm, overflow, openssh, buffer, access, remote + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité + de mots clés avec l'annuaire de la revue de presse

Mini-Tagwall des Tweets de la revue Twitter :

security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack + de mots clés avec l'annuaire de la revue Twitter