Steffen Joeris
2008-Jun-04 12:31 UTC
[Secure-testing-team] Bug#484499: slash: possible SQL injection vulnerability
Package: slash
Severity: grave
Tags: security
Justification: user security hole

Hi

A possible SQL injection vulnerability was discovered in slash.

The vulnerability was an SQL injection. Its effect was to allow a user with no special authorization to read any information from any table the Slash site's mysql user was authorized to read (which may include other databases, including information_schema).

More information can be found here[0]. The upstream patch can be found here[1].

Cheers
Steffen

[0]: http://www.slashcode.com/article.pl?sid=08/01/07/2314232
[1]: http://slashcode.cvs.sourceforge.net/slashcode/slash/Slash/Utility/Environment/Environment.pm?r1=1.223&r2=1.225