TUCoPS :: Web :: General :: b06-2578.htm

ASPSitem <= 2.0 Multiple Vulnerabilities.
Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities.
Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities.

--Security Report--
Advisory: ASPSitem <= 2.0 Multiple Vulnerabilities.
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
Date: 27/05/06 08:26 PM
ICQ: 10072
MSN/Email: nukedx@nukedx.com 
Web: http://www.nukedx.com 
Vendor: ASPSitem (http://www.aspsitem.com) 
Version: 2.0 and prior versions must be affected.
About: Via this method remote attacker can inject arbitrary SQL  
queries to bid parameter in Anket.asp.
Remote attacker also can read others private messages.The parameter id  
in Hesabim.asp did not sanitized properly
for checking the owner status of private message.
Level: Critical
SQL injection ->
GET -> http://[victim]/[ASPSitemDir]/Anket.asp?hid=[SQL] 
with this example remote attacker can leak userid 1's login  
information from database.
Read others private messages ->
* 27/05/2006: Vulnerability found.
* 27/05/2006: Contacted with vendor and waiting reply.
* 27/05/2006: Vendor already released patch for SQL injection you can  
find it here: http://www.aspsitem.com/Forum.asp?forum=oku&msgid=44710 
Exploit: http://www.nukedx.com/?getxpl=39 
Original advisory can be found at: http://www.nukedx.com/?viewdoc=39 
Dorks: "Te=FEekk=FCr ASPSitem"

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH