CVE-2004-0036
CVSS5.0
发布时间 :2004-01-20 00:00:00
修订时间 :2016-10-17 22:40:03
NMCOS    

[原文]SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter.


[CNNVD]vBulletin日历脚本SQL注入漏洞(CNNVD-200401-041)

        vBulletin Forum 2.3.4之前版本2.3.x中的calendar.php存在SQL注入漏洞。远程攻击者可以通过eventid参数窃取敏感信息。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0036
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0036
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200401-041
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=107340358202123&w=2
(UNKNOWN)  BUGTRAQ  20040105 vBulletin Forum 2.3.xx calendar.php SQL Injection
http://www.securityfocus.com/bid/9360
(UNKNOWN)  BID  9360
http://www.vbulletin.com/forum/showthread.php?postid=588825
(UNKNOWN)  CONFIRM  http://www.vbulletin.com/forum/showthread.php?postid=588825
http://xforce.iss.net/xforce/xfdb/14144
(VENDOR_ADVISORY)  XF  vbulletin-calendar-sql-injection(14144)

- 漏洞信息

vBulletin日历脚本SQL注入漏洞
中危 SQL注入
2004-01-20 00:00:00 2005-06-08 00:00:00
远程  
        vBulletin Forum 2.3.4之前版本2.3.x中的calendar.php存在SQL注入漏洞。远程攻击者可以通过eventid参数窃取敏感信息。

- 公告与补丁

        Reportedly, vBulletin version 2.3.4 is not vulnerable to this issue. Users are advised to obtain the immune version from the vendor.
        VBulletin VBulletin 2.3 .0
        
        VBulletin VBulletin 2.3.2
        
        VBulletin VBulletin 2.3.3
        

- 漏洞信息

3344
vBulletin calendar.php eventid Parameter SQL Injection
Remote / Network Access Information Disclosure, Input Manipulation
Loss of Confidentiality, Loss of Integrity

- 漏洞描述

vBulletin contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the "eventid" parameter is not verified properly in "calendar.php" which can be exploited to manipulate or inject SQL queries.

- 时间线

2004-01-05 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.3.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

vBulletin Calendar Script SQL Injection Vulnerability
Input Validation Error 9360
Yes No
2004-01-05 12:00:00 2006-06-21 08:55:00
Discovery is credit to mslug.

- 受影响的程序版本

VBulletin VBulletin 2.3.3
VBulletin VBulletin 2.3.2
VBulletin VBulletin 2.3 .0
VBulletin VBulletin 2.3.4

- 不受影响的程序版本

VBulletin VBulletin 2.3.4

- 漏洞讨论

vBulletin is prone to an SQL-injection vulnerability. As a result, remote attackers may influence the logic and structure of database queries made by the software. Attackers could potentially exploit this issue to compromise the bulletin-board installation, access sensitive information from within the database, or even to launch attacks against the database implementation.

- 漏洞利用

The following example was provided:

http://www.example.com/[software_installation_path]/calendar.php?s=&action=edit&eventid=14 union (SELECT
allowsmilies,public,userid,'0000-0-0',version(),userid FROM calendar_events
WHERE eventid = 14) order by eventdate

(Note that the underlying database must support the UNION command for this example to work.)

- 解决方案

Reportedly, vBulletin version 2.3.4 is not vulnerable to this issue. Users are advised to obtain the immune version from the vendor.


VBulletin VBulletin 2.3 .0

VBulletin VBulletin 2.3.2

VBulletin VBulletin 2.3.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站