BNLug - BBPress BB-Edit PHP SQL Injection Vulnerability

BBPress BB-Edit.PHP SQL Injection Vulnerability

TITLE: BBPress BB-Edit.PHP SQL Injection Vulnerability
CLASS: Input Validation Error
CVE: CVE-2007-3244

REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 15 2007 12:00AM
UPDATE: Jun 15 2007 12:00AM
CREDIT: chrishajer discovered this vulnerability.
VULNERABLE:

BBPress BBPress 0.8

NOT VULNERABLE:

BBPress BBPress 0.8.1

Vai alla pagina originale su Security Focus

Discussion

bbPress is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in SQL queries.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

This issue affects bbPress 0.8; prior versions may also be vulnerable.

Exploit

Attackers can use a browser to exploit this issue.

Solution

Solution:
The vendor has released version 0.8.1 to address this issue; please see the reference section for details.

BBPress BBPress 0.8

BBPress latest.tar.gz
http://bbpress.org/latest.tar.gz

References

References:

bbPress ticket #592 (closed defect: fixed) (bbPress)
BBPress Web Site (BBPress)

BBPress BB-Edit.PHP SQL Injection Vulnerability

Discussion

Exploit

Solution

References

PhpLog

BNLug Benevento Linux Users Group

Menu Principale

Staff

Partner

Link