GreenSQL Firewall 0.9.x WHERE Clause Secuity Bypass Vulnerability

2009-09-02T00:00:00
ID EDB-ID:33203
Type exploitdb
Reporter Johannes Dahse
Modified 2009-09-02T00:00:00

Description

GreenSQL Firewall 0.9.x WHERE Clause Secuity Bypass Vulnerability. CVE-2008-6992. Remote exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/36209/info

GreenSQL Firewall is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions. Successfully exploiting this issue may aid in SQL attacks on the underlying application.

The following sample SQL expression is available:

x=y=z