|
|
Family: CGI abuses --> Category: attack
Geeklog User Comment Retrieval SQL Injection Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for user comment retrieval SQL injection vulnerability in Geeklog
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that is affected by a SQL
injection flaw.
Description :
The remote host is running Geeklog, an open-source weblog powered by
PHP and MySQL.
The installed version of Geeklog suffers from a SQL injection
vulnerability due to the application's failure to sanitize user-
supplied input via the 'order' parameter of the 'comment.php' script.
By leveraging this flaw, a possible hacker may be able to recover sensitive
information, such as password hashes, launch attacks against the
underlying database, and the like.
See also :
http://www.hardened-php.net/advisory-062005.php
Solution :
Upgrade to Geeklog version 1.3.11 sr1 or later.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:H/Au:NR/C:P/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
