Netsweeper 2.6.29.8 – SQL Injection

• Exploit Database
• 18 阅读

• 作者： Anastasios Monachos
  日期： 2015-08-21
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/37926/

• +-------------------------------------+
  + Netsweeper 2.6.29.8 - SQL Injection +
  +-------------------------------------+
  Affected Product: Netsweeper
  Vendor Homepage	: www.netsweeper.com
  Version 	: 2.6.29.8 (and probably other versions)
  Discovered by	: Anastasios Monachos (secuid0) - [anastasiosm (at) gmail (dot) com]
  Patched	: Yes
  CVE		: CVE-2014-9613
  
  +---------------------+
  + Product Description +
  +---------------------+
  Netsweeper is a software solution specialized in content filtering.
  
  +----------------------+
  + Exploitation Details +
  +----------------------+
  Two specific parameters in two pages of Netsweeper Content Filtering solution v2.6.29.8 (and probable earlier versions) are vulnerable to SQL injection.
  Condition: The exploitation can be performed by any non-authenticated user with access to the vulnerable pages (usually from everyone).
  
  Vulnerability Type: SQL Injection [SQLi-I]
  Vulnerable Page I: http://netsweeper/webadmin/auth/verification.php
  Vulnerable POST Parameter: login
  
  Vulnerability Type: SQL Injection [SQLi-II]
  Vulnerable Page II: http://netsweeper/webadmin/deny/index.php
  Vulnerable POST Parameter: dpid
  
  +----------+
  + Solution +
  +----------+
  Upgrade to latest version.
  
  +---------------------+
  + Disclosure Timeline +
  +---------------------+
  12-Jan-2011: Netsweeper fixed issue on 2.6.29.10
  17-Jan-2015: CVE assigned CVE-2014-9613
  11-Aug-2015: Public disclosure