DUware multiple SQL injection

duware-multiple-sql-injection (21130) The risk level is classified as MediumMedium Risk

Description:

Multiple DUware products are vulnerable to SQL injection caused by improper validation of user-supplied input in multiple scripts. A remote attacker could send a specially-crafted URL request containing SQL commands which would allow the attacker to obtain sensitive information and add, modify or delete information in the backend database. DUware products effected by this vulnerability include DUportal PRO version 3.4.3, DUamazon Pro version 3.0 and 3.1, DUpaypal Pro version 3.0, DUforum version 3.1, and DUclassmate version 1.2.

Platforms Affected:

  • DUware, DUamazon PRO 3.0
  • DUware, DUclassmate 1.2
  • DUware, DUforum 3.1
  • DUware, DUpaypal Pro 3.0
  • DUware, DUportal PRO 3.0

Remedy:

No remedy available as of June 27, 2009.

Consequences:

Data Manipulation

References:

  • BugTraq Mailing List, Wed Jun 22 2005 - 02:19:47 CDT, Multiple SQL INJECTION in DUWARE Products at http://archives.neohapsis.com/archives/bugtraq/2005-06/0172.html.
  • BID-14029: DUware DUportal Pro Multiple SQL Injection Vulnerabilities
  • BID-14033: DUware DUamazon Pro Multiple SQL Injection Vulnerabilities
  • BID-14034: DUware DUpaypal Pro Multiple SQL Injection Vulnerabilities
  • BID-14035: DUware DUforum Multiple SQL Injection Vulnerabilities
  • BID-14036: DUware DUclassmate Multiple SQL Injection Vulnerabilities
  • CVE-2005-2045: Multiple SQL injection vulnerabilities in DUware DUportal PRO 3.4.3 allow remote attackers to execute arbitrary SQL commands via the (1) iChannel parameter to default.asp, (2) iData parameter to detail.asp, (3) iMem parameter to members.asp, (4) iCat parameter to cat.asp, (5) offset parameter to members_listing_approval.asp, or (6) iChannel parameter to channels_edit.asp.
  • CVE-2005-2046: Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) iCat parameter to cat.asp, (2) iSub parameter to sub.asp, (3) iSub parameter to detail.asp, (4) iPro parameter to review.asp, iCat parameter to (5) catEdit.asp, (6) catDelete.asp, (7) productEdit.asp, or (8) productDelete.asp, or (9) iType parameter to type.asp.
  • CVE-2005-2047: Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) iCat parameter to cat.asp, (2) iPro parameter to detail.asp, (3) iSub parameter to sub.asp, (4) iCat parameter to catEdit.asp.
  • CVE-2005-2048: Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) iMsg parameter to messages.asp, iFor parameter to (2) post.asp or (3) forums.asp, or (4) id parameter to userEdit.asp. NOTE: vectors 1 and 3 were later reported to affect version 3.0.
  • CVE-2005-2049: Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp.
  • OSVDB ID: 17597: DUportal Pro members.asp iMem Variable SQL Injection
  • OSVDB ID: 17598: DUportal Pro members_listing_approval.asp offset Variable SQL Injection
  • OSVDB ID: 17599: DUportal Pro channels_edit.asp iChannel Variable SQL Injection

Reported:

Jun 22, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page