Skip to content
cyberexploits
webappphptext

Netsweeper 2.6.29.8 - SQL Injection

Netsweeper 2.6.29.8 - SQL Injection

Publié le 2015-08-21

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/php/webapps/37926.txt7eac4c3a
raw
+-------------------------------------+

+ Netsweeper 2.6.29.8 - SQL Injection +

+-------------------------------------+

Affected Product: Netsweeper

Vendor Homepage	: www.netsweeper.com

Version 	: 2.6.29.8 (and probably other versions)

Discovered by	: Anastasios Monachos (secuid0) - [anastasiosm (at) gmail (dot) com]

Patched      	: Yes

CVE		: CVE-2014-9613



+---------------------+

+ Product Description +

+---------------------+

Netsweeper is a software solution specialized in content filtering.



+----------------------+

+ Exploitation Details +

+----------------------+

Two specific parameters in two pages of Netsweeper Content Filtering solution v2.6.29.8 (and probable earlier versions) are vulnerable to SQL injection.

Condition: The exploitation can be performed by any non-authenticated user with access to the vulnerable pages (usually from everyone).



Vulnerability Type: SQL Injection [SQLi-I]

Vulnerable Page I: http://netsweeper/webadmin/auth/verification.php

Vulnerable POST Parameter: login



Vulnerability Type: SQL Injection [SQLi-II]

Vulnerable Page II: http://netsweeper/webadmin/deny/index.php

Vulnerable POST Parameter: dpid



+----------+

+ Solution +

+----------+

Upgrade to latest version.



+---------------------+

+ Disclosure Timeline +

+---------------------+

12-Jan-2011: Netsweeper fixed issue on 2.6.29.10

17-Jan-2015: CVE assigned CVE-2014-9613

11-Aug-2015: Public disclosure

Voir sur GitHub