Anthill buglist.php and query.php SQL injection
| anthill-buglist-query-sql-injection (27373) |  Medium Risk |
Description:
Anthill is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the buglist.php script using the 'order' parameter or the query.php script using the 'bug' parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database.
Note: In order to exploit this vulnerability using the query.php script, magic_quotes_gpc must be disabled.
Platforms Affected:
- Danen Consulting Services, Anthill 0.2.6
- Danen Consulting Services, Anthill 0.3.0 and prior
Remedy:
No remedy available as of January 3, 2009.
Consequences:
Data Manipulation
References:
- Anthill Web site, Anthill - Download at http://anthill.vmlinuz.ca/.
- UNSECURED SYSTEMS Saturday, June 24, 2006, Anthill SQL injection vuln. at http://pridels.blogspot.com/2006/06/anthill-sql-injection-vuln.html.
- BID-18661: Anthill Multiple SQL Injection Vulnerabilities
- CVE-2006-3244: Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) order parameter in buglist.php and the (2) bug parameter in query.php.
- SA20838: Anthill SQL Injection Vulnerabilities
- VUPEN/ADV-2006-2529: Anthill order and bug Parameters Handling Remote SQL Injection Vulnerabilities
Reported:
Jun 24, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Copyright (c) 1994-2009 Internet Security Systems, Inc. All rights reserved worldwide.
For corrections or additions please email xforce@iss.net