+-------------------------------------++ Netsweeper 2.6.29.8- SQL Injection ++-------------------------------------+
Affected Product: Netsweeper
Vendor Homepage : www.netsweeper.com
Version :2.6.29.8(and probably other versions)
Discovered by : Anastasios Monachos (secuid0)-[anastasiosm (at) gmail (dot) com]
Patched : Yes
CVE : CVE-2014-9613+---------------------++ Product Description ++---------------------+
Netsweeper is a software solution specialized in content filtering.+----------------------++ Exploitation Details ++----------------------+
Two specific parameters in two pages of Netsweeper Content Filtering solution v2.6.29.8(and probable earlier versions) are vulnerable to SQL injection.
Condition: The exploitation can be performed by any non-authenticated user with access to the vulnerable pages (usually from everyone).
Vulnerability Type: SQL Injection [SQLi-I]
Vulnerable Page I: http://netsweeper/webadmin/auth/verification.php
Vulnerable POST Parameter: login
Vulnerability Type: SQL Injection [SQLi-II]
Vulnerable Page II: http://netsweeper/webadmin/deny/index.php
Vulnerable POST Parameter: dpid
+----------++ Solution ++----------+
Upgrade to latest version.+---------------------++ Disclosure Timeline ++---------------------+12-Jan-2011: Netsweeper fixed issue on 2.6.29.1017-Jan-2015: CVE assigned CVE-2014-961311-Aug-2015: Public disclosure
