OpenBB index.php CID Variable SQL Injection

2003-04-25T00:00:00
ID OSVDB:3342
Type osvdb
Reporter Albert Puigsech Galicia(ripe@7a69ezine.org), Niels Teusink(n.teusink@planet.nl)
Modified 2003-04-25T00:00:00

Description

Vulnerability Description

OpenBB contains a flaw that allows a remote SQL injection attack. This flaw exists because the application does not validate the CID variable upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Technical Description

This issue appears to have been discovered independantly many months apart by two individuals.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, OpenBB has released a patch to address this vulnerability.

Short Description

OpenBB contains a flaw that allows a remote SQL injection attack. This flaw exists because the application does not validate the CID variable upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

References:

Vendor URL: http://www.openbb.com/ Vendor Specific Solution URL: http://forums.openbb.com/read.php?TID=445 Vendor Specific Advisory URL Secunia Advisory ID:8676 Related OSVDB ID: 5661 Related OSVDB ID: 5659 Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/2003-12/0317.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-04/0325.html ISS X-Force ID: 14081 Generic Exploit URL: http://www.securiteam.com/exploits/5PP0C2KGAY.html Bugtraq ID: 9300 Bugtraq ID: 7401