Multiple Protector System Input Validation Vulnerabilities
BID:10206
Info
Multiple Protector System Input Validation Vulnerabilities
| Bugtraq ID: | 10206 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 23 2004 12:00AM |
| Updated: | Apr 23 2004 12:00AM |
| Credit: | Discovery of these vulnerabilities has been credited to Janek Vind "waraxe". |
| Vulnerable: |
Protector System Protector System 1.15 b1 |
| Not Vulnerable: | |
Discussion
Multiple Protector System Input Validation Vulnerabilities
Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection vulnerabilities were reported.
Exploitation of these issues may reveal sensitive information, allow for account hijacking, content manipulation and attacks against the underlying database.
These issues were reported to exist in Protector System 1.15b1. Other versions may also be affected.
Multiple vulnerabilities were reported to exist in Protector System, which is a third-party module for PHP-Nuke. Cross-site scripting and SQL injection vulnerabilities were reported.
Exploitation of these issues may reveal sensitive information, allow for account hijacking, content manipulation and attacks against the underlying database.
These issues were reported to exist in Protector System 1.15b1. Other versions may also be affected.
Exploit / POC
Multiple Protector System Input Validation Vulnerabilities
The following examples have been supplied:
http://www.example.com/nuke72/admin/modules/blocker_query.php?target=foobar.com">[xss code here]
http://www.example.com/nuke72/admin/modules/blocker_query.php?target=foobar.com&queryType=all&portNum=foobar[xss code here]
http://www.example.com/nuke72/index.php?foobar%27,IF(ord(mid(USER(),1,1))%3d114,benchmark(500000,md5(1337)),1),2)/*
http://www.example.com/nuke72/index.php?foo=bar%20U/**/NION%20SELECT%20ALL%20FROM%20WHERE
http://www.example.com/nuke72/index.php?foo=bar%20UNION%20SELECT%20ALL%20FROM%20WHERE
The following examples have been supplied:
http://www.example.com/nuke72/admin/modules/blocker_query.php?target=foobar.com">[xss code here]
http://www.example.com/nuke72/admin/modules/blocker_query.php?target=foobar.com&queryType=all&portNum=foobar[xss code here]
http://www.example.com/nuke72/index.php?foobar%27,IF(ord(mid(USER(),1,1))%3d114,benchmark(500000,md5(1337)),1),2)/*
http://www.example.com/nuke72/index.php?foo=bar%20U/**/NION%20SELECT%20ALL%20FROM%20WHERE
http://www.example.com/nuke72/index.php?foo=bar%20UNION%20SELECT%20ALL%20FROM%20WHERE
Solution / Fix
Multiple Protector System Input Validation Vulnerabilities
Solution:
The vendor has released a patch to address this issue:
Protector System Protector System 1.15 b1
Solution:
The vendor has released a patch to address this issue:
Protector System Protector System 1.15 b1
-
Protector System Fix 2 Blocker
http://protector.warcenter.se/modules.php?name=Downloads&d_op=viewdown loaddetails&lid=17&title=Fix%202%20Blocker
References
Multiple Protector System Input Validation Vulnerabilities
References:
References:
- Hi there you can now download a fix for the latest vulns reported here (Protector System)
- Multiple vulnerabilities in Protector System 1.15b1 for PhpNuke (Janek Vind "waraxe")
- Protector System support site (Protector System)