CVE-2005-1026
CVSS7.5
发布时间 :2005-05-02 00:00:00
修订时间 :2016-10-17 23:16:39
NMCOS    

[原文]Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to dlman.php in DLMan Pro or (2) id parameter to links.php in Linkz Pro (aka LinksLinks Pro).


[CNNVD]PHPBB Linkz Pro Module SQL注入漏洞(CNNVD-200505-544)

        SnailSource phpBB 2.0.x模块存在多个SQL注入漏洞,远程攻击者可以通过(1)传到DLMan Pro内的dlman.php的file_id参数或(2)传到Linkz Pro(又称LinksLinks Pro)内的links.php的id参数执行任意SQL命令。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:dlman_pro:dlman_pro:0.9.8
cpe:/a:linkz_pro:linkz_pro:1.0.3_beta2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1026
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1026
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-544
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=111271895819594&w=2
(UNKNOWN)  BUGTRAQ  20050404 SQL INJECTION in LinksLinks Pro. PHPBB Mod.
http://marc.info/?l=bugtraq&m=111272430128195&w=2
(UNKNOWN)  BUGTRAQ  20050404 SQL INJECTION in DLMan Pro. PHPBB Mod.
http://www.securityfocus.com/bid/13028
(UNKNOWN)  BID  13028
http://www.securityfocus.com/bid/13030
(UNKNOWN)  BID  13030
http://www.snailsource.com/forum/dlman.php?func=file_info&file_id=77
(UNKNOWN)  CONFIRM  http://www.snailsource.com/forum/dlman.php?func=file_info&file_id=77

- 漏洞信息

PHPBB Linkz Pro Module SQL注入漏洞
高危 SQL注入
2005-05-02 00:00:00 2005-10-20 00:00:00
远程  
        SnailSource phpBB 2.0.x模块存在多个SQL注入漏洞,远程攻击者可以通过(1)传到DLMan Pro内的dlman.php的file_id参数或(2)传到Linkz Pro(又称LinksLinks Pro)内的links.php的id参数执行任意SQL命令。

- 公告与补丁

        厂商已发布初始补丁以处理这一问题。请参阅Linkz Pro支持论坛了解更多信息。
        Linkz Pro Linkz Pro 1.0.3 beta2
        Linkz Pro Linkz Pro 1.0.4
        http://www.snailsource.com/forum/dlman.php?sid=&func=select_folder&folder_id=13

- 漏洞信息

15483
phpBB Linkz Pro Module links.php id Parameter SQL Injection
Remote / Network Access Information Disclosure, Input Manipulation
Loss of Confidentiality, Loss of Integrity
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-04-04 Unknow
2005-04-04 Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

PHPBB Linkz Pro Module SQL Injection Vulnerability
Input Validation Error 13030
Yes No
2005-04-06 12:00:00 2009-07-12 11:57:00
Discovery of this vulnerability is credited to LovER BOY.

- 受影响的程序版本

phpBB Group phpBB 2.0.13
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
phpBB Group phpBB 2.0.12
phpBB Group phpBB 2.0.11
phpBB Group phpBB 2.0.10
phpBB Group phpBB 2.0.9
phpBB Group phpBB 2.0.8 a
phpBB Group phpBB 2.0.8
phpBB Group phpBB 2.0.7 a
phpBB Group phpBB 2.0.7
phpBB Group phpBB 2.0.6 d
phpBB Group phpBB 2.0.6 c
phpBB Group phpBB 2.0.6
phpBB Group phpBB 2.0.5
phpBB Group phpBB 2.0.4
phpBB Group phpBB 2.0.3
phpBB Group phpBB 2.0.2
phpBB Group phpBB 2.0.1
phpBB Group phpBB 2.0 .0
Linkz Pro Linkz Pro 1.0.3 beta2
+ phpBB Group phpBB 2.0.13
+ phpBB Group phpBB 2.0.12
+ phpBB Group phpBB 2.0.11
+ phpBB Group phpBB 2.0.10
+ phpBB Group phpBB 2.0.9
+ phpBB Group phpBB 2.0.8 a
+ phpBB Group phpBB 2.0.8
+ phpBB Group phpBB 2.0.7 a
+ phpBB Group phpBB 2.0.7
+ phpBB Group phpBB 2.0.6 d
+ phpBB Group phpBB 2.0.6 c
+ phpBB Group phpBB 2.0.6
+ phpBB Group phpBB 2.0.5
+ phpBB Group phpBB 2.0.4
+ phpBB Group phpBB 2.0.3
+ phpBB Group phpBB 2.0.2
+ phpBB Group phpBB 2.0.1
+ phpBB Group phpBB 2.0 .0
Linkz Pro Linkz Pro 1.0.4
+ phpBB Group phpBB 2.0.13
+ phpBB Group phpBB 2.0.12
+ phpBB Group phpBB 2.0.11
+ phpBB Group phpBB 2.0.10
+ phpBB Group phpBB 2.0.9
+ phpBB Group phpBB 2.0.8 a
+ phpBB Group phpBB 2.0.8
+ phpBB Group phpBB 2.0.7 a
+ phpBB Group phpBB 2.0.7
+ phpBB Group phpBB 2.0.6 d
+ phpBB Group phpBB 2.0.6 c
+ phpBB Group phpBB 2.0.6
+ phpBB Group phpBB 2.0.5
+ phpBB Group phpBB 2.0.4
+ phpBB Group phpBB 2.0.3
+ phpBB Group phpBB 2.0.2
+ phpBB Group phpBB 2.0.1
+ phpBB Group phpBB 2.0 .0

- 不受影响的程序版本

Linkz Pro Linkz Pro 1.0.4
+ phpBB Group phpBB 2.0.13
+ phpBB Group phpBB 2.0.12
+ phpBB Group phpBB 2.0.11
+ phpBB Group phpBB 2.0.10
+ phpBB Group phpBB 2.0.9
+ phpBB Group phpBB 2.0.8 a
+ phpBB Group phpBB 2.0.8
+ phpBB Group phpBB 2.0.7 a
+ phpBB Group phpBB 2.0.7
+ phpBB Group phpBB 2.0.6 d
+ phpBB Group phpBB 2.0.6 c
+ phpBB Group phpBB 2.0.6
+ phpBB Group phpBB 2.0.5
+ phpBB Group phpBB 2.0.4
+ phpBB Group phpBB 2.0.3
+ phpBB Group phpBB 2.0.2
+ phpBB Group phpBB 2.0.1
+ phpBB Group phpBB 2.0 .0

- 漏洞讨论

The Linkz Pro mod for phpBB is reportedly affected by a SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

- 漏洞利用

No exploit is required.

The following proof of concept is available:
http://www.example.com/[phpBB]/links.php?func=show&id='[SQL Injection]

- 解决方案

The vendor has released an initial patch dealing with this issue. Please see the Linkz Pro support forum for more information.


Linkz Pro Linkz Pro 1.0.3 beta2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站