From: Secunia Security Advisories (sec-advsecunia.com)
Date: Fri Apr 25 2003 - 02:18:48 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

TITLE:
XMB Registration Process SQL Injection

READ ONLINE:
http://www.secunia.com/advisories/8656/

CRITICAL:
Less critical

IMPACT:
Manipulation of data, Exposure of system information, Exposure of
sensitive information

WHERE:
From remote

SOFTWARE:
XMB 1.x

DESCRIPTION:
An vulnerability has been identified in XMB, which can be exploited
by malicious people to manipulate existing SQL queries.

The vulnerability is caused due to an input validation error in the
registration processing. A malicious person can exploit this to
inject arbitrary SQL code into the variables "$email1" and "$email2",
which can result in disclosure of sensitive information - eg.
retrieval of arbitrary users' password hashes.

Successful exploitation requires that "register_globals" has been
enabled in "php.ini".

SOLUTION:
Upgrade to XMB 1.8 Final Edition SP1:
http://www.xmbforum.com/download/1.8/?type=zip

REPORTED BY / CREDITS:
Binary Bugs

ORIGINAL ADVISORY:
http://www.bbugs.org/advisories/BB-2003-1-XMB

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]