getIntranet calendar_display.asp id Variable SQL Injection

2004-09-09T13:50:21
ID OSVDB:9944
Type osvdb
Reporter Criolabs Staff(security@criolabs.net)
Modified 2004-09-09T13:50:21

Description

Vulnerability Description

getIntranet contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'id' variable in the calendar_display.asp script is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

getIntranet contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the 'id' variable in the calendar_display.asp script is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Manual Testing Notes

http://[victim]/welcome.asp?page=calendar_display.asp&id=[SQL]

References:

Vendor URL: http://www.get.za.com/ Secunia Advisory ID:12520 Related OSVDB ID: 9927 Related OSVDB ID: 9937 Related OSVDB ID: 9940 Related OSVDB ID: 9941 Related OSVDB ID: 9933 Related OSVDB ID: 9936 Related OSVDB ID: 9939 Related OSVDB ID: 9942 Related OSVDB ID: 9943 Related OSVDB ID: 9945 Related OSVDB ID: 9928 Related OSVDB ID: 9930 Related OSVDB ID: 9938 Related OSVDB ID: 9946 Related OSVDB ID: 9929 Related OSVDB ID: 9947 Other Advisory URL: http://www.criolabs.net/advisories/getintranet.txt