
LogiSense software login forms are vulnerable to SQL injection.
14th Jun 2002 [SBWID-5439]
COMMAND

	LogiSense software login forms are vulnerable to SQL injection.

SYSTEMS AFFECTED

	current versions

PROBLEM

	Akatosh [akatosh@rains.net] found the following:

	"LogiSense Corporation is a leading provider of performance software
	for service providers and enterprises. We offer a wide range of
	low-cost solutions designed to address common client billing and
	management, traffic congestion, network scalability, and latency
	issues."

	LogiSense software tested includes Hawk-i Billing, Hawk-i ASP and DNS
	Manager. These are ISP/ASP billing systems and a web-based DNS
	manager, respectively.


	 Problem
	 -------

	The login forms are vulnerable to SQL injection.

	Login: alskdjflawersadf
	Password: ' OR ''='

	The most obvious implication (besides logging in without a
	username/pass) is that this could be leveraged to execute arbitrary
	commands or steal customer information.

SOLUTION

	If you use Logisense software, don't let yourself be listed on their
	list of targe..er, customers. Better yet, don't use software by a
	vendor who ignores security bugs for three months.

	You can probably edit the login forms (which are in ASP) and add
	something like

	' Whitelist filter: keep only ASCII letters and digits, drop every other
	' character before the value reaches the SQL statement.
	' inputtext holds the raw form field value, e.g. Request.Form("login")
	Dim regex, cleantext
	Set regex = New RegExp
	regex.Pattern = "[^0-9a-zA-Z]"
	regex.Global = True            ' replace every match, not only the first
	cleantext = regex.Replace(inputtext, "")
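As an added illustration (not part of the original advisory), the following Python script shows why the `' OR ''='` password given in the Problem section defeats a login query built by string concatenation, how a parameterised query handles the same input safely, and what the whitelist regex from the proposed fix does to it. It uses an in-memory SQLite table with one constructed account (`alice` / `S3cret!`) as a stand-in for the real billing database; the table layout and function names are assumptions, not LogiSense code.

```python
import re
import sqlite3


def make_db():
    """Constructed sample data: one legitimate account (not from the advisory)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (login TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'S3cret!')")
    conn.commit()
    return conn


def login_concat(conn, login, password):
    """Vulnerable pattern: form input is pasted straight into the SQL text.

    With password = ' OR ''=' the WHERE clause becomes
        login = '...' AND password = '' OR ''=''
    AND binds tighter than OR, so the clause is (false) OR (true) for
    every row and the first account in the table is returned.
    """
    sql = ("SELECT login FROM users WHERE login = '" + login
           + "' AND password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_param(conn, login, password):
    """Hardened pattern: placeholders; the driver never treats input as SQL."""
    row = conn.execute(
        "SELECT login FROM users WHERE login = ? AND password = ?",
        (login, password),
    ).fetchone()
    return row[0] if row else None


def whitelist(text):
    """Python equivalent of the advisory's ASP RegExp: strip every
    character that is not an ASCII letter or digit."""
    return re.sub(r"[^0-9a-zA-Z]", "", text)


if __name__ == "__main__":
    db = make_db()
    payload = "' OR ''='"
    print("concat + payload  :", login_concat(db, "alskdjflawersadf", payload))
    print("param  + payload  :", login_param(db, "alskdjflawersadf", payload))
    print("filtered payload  :", repr(whitelist(payload)))
    print("concat + filtered :", login_concat(db, "alskdjflawersadf", whitelist(payload)))
    print("legit, filtered   :", login_concat(db, "alice", whitelist("S3cret!")))
```

Running it shows the concatenated query accepting the junk username with the injected password, while the parameterised query rejects it. The whitelist filter reduces the payload to `OR`, which no longer logs in, but it also strips every symbol from legitimate passwords, so `S3cret!` stops working too; parameterised queries avoid both problems, and the filter is best kept as a defence-in-depth measure on fields that are genuinely alphanumeric.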

	
