SPIP Session Handling Petition Posting Multiple Unspecified SQL Injection

2006-01-31T06:33:19
ID OSVDB:22848
Type osvdb
Reporter Sieg Fried (Siegfried@zone-h.org)
Modified 2006-01-31T06:33:19

Description

Vulnerability Description

SPIP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the session handling not properly sanitizing user-supplied input to unspecified variable(s) during petition posting. This may allow an attacker to inject or manipulate SQL queries in the backend database.
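The advisory names neither the affected variables nor SPIP's code, so the following is an added illustration of the flaw class it describes, not SPIP's own code: a lookup against a hypothetical petition-signature table, once with user input concatenated into the SQL text and once with the same input passed as a bound parameter. The table schema and rows are constructed for the example.

```python
import sqlite3

# Constructed sample data for a hypothetical "signatures" table.
# The schema is invented for this example and is not SPIP's.
SAMPLE_ROWS = [
    ("alice@example.org", "Alice", 1),
    ("bob@example.org", "Bob", 1),
    ("carol@example.org", "Carol", 0),
]


def make_db():
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE signatures (email TEXT, name TEXT, confirmed INTEGER)"
    )
    conn.executemany("INSERT INTO signatures VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def find_signature_unsafe(conn, email):
    """Vulnerable pattern: untrusted input is spliced into the SQL text,
    so characters in the value can change the structure of the query."""
    sql = "SELECT email, name FROM signatures WHERE email = '" + email + "'"
    return conn.execute(sql).fetchall()


def find_signature_safe(conn, email):
    """Hardened pattern: the value is sent as a bound parameter and is
    only ever compared as data, whatever characters it contains."""
    sql = "SELECT email, name FROM signatures WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()


def demo():
    """Run both lookups on an input that is not a valid email address and
    return how many rows each variant yields."""
    conn = make_db()
    probe = "nobody@example.org' OR '1'='1"
    unsafe_rows = find_signature_unsafe(conn, probe)
    safe_rows = find_signature_safe(conn, probe)
    return len(unsafe_rows), len(safe_rows)


if __name__ == "__main__":
    print(demo())  # (3, 0): the spliced query matches every row, the bound one none
```

The contrast is the whole point of the fix class the advisory's solution implies: with the concatenated query the probe value widens the WHERE clause and every signature comes back, while with the parameterized query the same value matches nothing because no row has that literal email address.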

Solution Description

Upgrade to SVN snapshot 5546 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

SPIP contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the session handling not properly sanitizing user-supplied input to unspecified variable(s) during petition posting. This may allow an attacker to inject or manipulate SQL queries in the backend database.

References:

Vendor URL: http://www.spip.net/
Security Tracker: 1015556
Secunia Advisory ID: 18676
Related OSVDB ID: 22846
Related OSVDB ID: 22847
Related OSVDB ID: 22845
Related OSVDB ID: 22849
Related OSVDB ID: 22844
Other Advisory URL: http://www.zone-h.org/en/advisories/read/id=8650/
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0990.html
Keyword: ZRCSA-200601
FrSIRT Advisory: ADV-2006-0398
CVE: CVE-2006-0517