Land Down Under (LDU) users.php Multiple Parameter SQL Injection

2004-10-30T06:15:07
ID OSVDB:11299
Type osvdb
Reporter Positive Technologies(pt@ptsecurity.ru)
Modified 2004-10-30T06:15:07

Description

Vulnerability Description

Land Down Under contains a flaw that allows an attacker to inject arbitrary SQL code. The "s", "w" and "d" parameters passed to the users.php module are not properly validated before being used in SQL queries, so an attacker who controls them can inject into or manipulate the queries the module executes.

Solution Description

No upgraded release is known to correct this issue. However, Neocrome has released a patch that addresses this vulnerability (see the vendor advisory listed under References).

Short Description

Land Down Under users.php does not properly validate the "s", "w" and "d" parameters, allowing an attacker to inject or manipulate SQL queries.

Manual Testing Notes

http://[victim]/users.php?f=1&s=1'[sql code here]&w=asc&d=50
http://[victim]/users.php?f=1&s=name&w=1'[sql code here]&d=50
http://[victim]/users.php?f=1&s=name&w=asc&d=1'[sql code here]
http://[victim]/users.php?f=1&s=1'[sql code here]&w=asc
http://[victim]/users.php?f=1&s=name&w=1'[sql code here]
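The testing URLs above carry values such as s=name, w=asc and d=50, which suggests a sort field, a sort direction and a row count. The following is an added example, not code from Land Down Under or from this advisory: it assumes (the actual LDU source is not on this page) that the three parameters end up in the ORDER BY and LIMIT clauses of the user-list query, shows why that position is injectable, and contrasts it with a hardened builder. The point a practitioner should take from it is that ORDER BY identifiers, sort keywords and LIMIT counts cannot be protected with bind parameters alone, so the fix is an allowlist for the identifier and keyword plus an integer cast and bound for the count. The users table and its rows are constructed for the demo.

```python
"""Vulnerable vs. hardened query building for sort-field (s), sort-direction (w)
and row-count (d) parameters. Added example; not LDU code. The mapping of
s/w/d onto ORDER BY / LIMIT is an assumption drawn from the testing URLs."""
import sqlite3

# Constructed sample data for the demo; the real LDU schema is not on this page.
SAMPLE_ROWS = [
    (1, "alice", "alice@example.org"),
    (2, "bob", "bob@example.net"),
    (3, "carol", "carol@example.org"),
]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def vulnerable_list(conn, s, w, d):
    """Interpolates s, w and d straight into the SQL text (the flaw class
    the advisory describes). Returns the names in the order the DB yields."""
    sql = f"SELECT name FROM users ORDER BY {s} {w} LIMIT {d}"
    return [row[0] for row in conn.execute(sql)]


ALLOWED_SORT = {"id", "name"}   # column names the page may sort by
ALLOWED_DIR = {"asc", "desc"}   # sort keywords
MAX_ROWS = 200                  # upper bound on rows per page


def hardened_list(conn, s, w, d):
    """Identifiers and keywords cannot be bound as parameters, so s and w are
    checked against an allowlist; d is cast to a bounded int and bound with ?."""
    if s not in ALLOWED_SORT:
        raise ValueError(f"bad sort field: {s!r}")
    direction = w.lower()
    if direction not in ALLOWED_DIR:
        raise ValueError(f"bad sort direction: {w!r}")
    try:
        limit = int(d)
    except ValueError:
        raise ValueError(f"bad row count: {d!r}") from None
    if not 1 <= limit <= MAX_ROWS:
        raise ValueError(f"row count out of range: {limit}")
    sql = f"SELECT name FROM users ORDER BY {s} {direction} LIMIT ?"
    return [row[0] for row in conn.execute(sql, (limit,))]


def blind_probe(conn, condition):
    """Boolean-blind oracle through the sort-field parameter: the row order
    flips depending on whether the injected subquery condition is true,
    so an attacker can test arbitrary predicates without seeing an error."""
    payload = f"CASE WHEN ({condition}) THEN -id ELSE id END"
    return vulnerable_list(conn, payload, "asc", "50")


def rejects(conn, s, w, d):
    """True if the hardened builder refuses the given parameter triple."""
    try:
        hardened_list(conn, s, w, d)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    conn = make_db()
    print(vulnerable_list(conn, "name", "asc", "50"))
    # Order reverses only if some user has an @example.net address.
    print(blind_probe(conn, "SELECT count(*) FROM users WHERE email LIKE '%@example.net'"))
    print(blind_probe(conn, "SELECT count(*) FROM users WHERE email LIKE '%@example.com'"))
    # The quote-style probes from the testing notes are all refused.
    print(rejects(conn, "1'", "asc", "50"), rejects(conn, "name", "1'", "50"),
          rejects(conn, "name", "asc", "1'"))
```

Run it as a script to see the probe flip the ordering for a true predicate and leave it untouched for a false one; a crawler that uses such an oracle can extract column contents one predicate at a time, which is why a sort parameter is as dangerous as a WHERE-clause one.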

References:

Vendor Specific Advisory URL
Security Tracker: 1012015
Secunia Advisory ID: 13034
Related OSVDB ID: 11300
Related OSVDB ID: 11301
Related OSVDB ID: 11302
Other Advisory URL: http://www.ptsecurity.ru/advisory.asp
Other Advisory URL: http://www.neocrome.net/index.php?msingle&id91
ISS X-Force ID: 17912
CVE-2004-2669
Bugtraq ID: 11569