BID:25362

Ampache Albums.PHP SQL Injection Vulnerability

Info

Ampache Albums.PHP SQL Injection Vulnerability

Bugtraq ID:	25362
Class:	Input Validation Error
CVE:	CVE-2007-4437
Remote:	Yes
Local:	No
Published:	Aug 20 2007 12:00AM
Updated:	Oct 15 2007 05:37PM
Credit:	The vendor credits LT with the discovery of this vulnerability.
Vulnerable:	Gentoo Linux Ampache Ampache 3.3.3 4 Ampache Ampache 3.3.3.3 Ampache Ampache 3.3.3.2 Ampache Ampache 3.3.3.1

Not Vulnerable:	Ampache Ampache 3.3.3.5

Discussion

Ampache Albums.PHP SQL Injection Vulnerability

Ampache is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

Versions prior to Ampache 3.3.3.5 are vulnerable.

Exploit / POC

Ampache Albums.PHP SQL Injection Vulnerability

An attacker can use a browser to exploit this issue.

Solution / Fix

Ampache Albums.PHP SQL Injection Vulnerability

Solution:
The vendor released an update to address this issue. Please see the references for more information.

Ampache Ampache 3.3.3.2

Cuyahoga ampache-3.3.3.5.tar.gz
http://ampache.org/downloads/ampache-3.3.3.5.tar.gz

Ampache Ampache 3.3.3.3

Cuyahoga ampache-3.3.3.5.tar.gz
http://ampache.org/downloads/ampache-3.3.3.5.tar.gz

Ampache Ampache 3.3.3.1

Cuyahoga ampache-3.3.3.5.tar.gz
http://ampache.org/downloads/ampache-3.3.3.5.tar.gz

Ampache Ampache 3.3.3 4

Cuyahoga ampache-3.3.3.5.tar.gz
http://ampache.org/downloads/ampache-3.3.3.5.tar.gz

References

Ampache Albums.PHP SQL Injection Vulnerability

References:

Ampache Homepage (Ampache)