getInternet lostpassword.asp Multiple Variable SQL Injection

2004-09-09T04:26:07
ID OSVDB:9923
Type osvdb
Reporter Criolabs Staff (security@criolabs.net)
Modified 2004-09-09T04:26:07

Description

Vulnerability Description

getInternet contains a flaw that allows an attacker to inject arbitrary SQL code. The 'Name', 'Surname' and 'ID Number' variables in the lostpassword.asp script are not properly verified, which allows an attacker to inject or manipulate SQL queries.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[victim]/lostpassword.asp
Name: [SQL]
Surname: [SQL]
ID Number: [SQL]

References:

Vendor URL: http://www.get.za.com/
Vendor URL: http://www.getintranet.net/
Secunia Advisory ID: 12519
Related OSVDB ID: 9918
Related OSVDB ID: 9919
Related OSVDB ID: 9920
Related OSVDB ID: 9921
Related OSVDB ID: 9922
Related OSVDB ID: 9924
Other Advisory URL: http://www.criolabs.net/advisories/getinternet.txt