NASLDB: OCS Inventory NG Server Administration Console header.php login Parameter SQL Injection
General
ID: 44393
Name: OCS Inventory NG Server Administration Console header.php login Parameter SQL Injection
Summary: Attempts to log in to OCS Inventory by injecting SQL code
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: CVSS2#E:F/RL:U/RC:ND
Port: 80
Family: CGI abuses
Type: Remote
Description
The version of the OCS Inventory NG Server Administration Console
hosted on the remote web server fails to properly sanitize user-supplied
input to the ‘login’ parameter of the ‘header.php’ script.
Provided PHP’s ‘magic_quotes_gpc’ setting is disabled, an attacker can
exploit this to bypass authentication and thereby gain access to the
administrative interface.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: –
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2010/01/29
Patch Release: 2010/01/30
Plugin Release: 2010/02/04
Plugin
Version: 1.4
Filename: ocs_inventory_ng_login_sql_inject.nasl
Filesize: 4262 bytes
MD5 Hash: b20c49f53e8a5f183329119f2a533fcd
Identification: –
Require Keys: "www/PHP", "www/ocs_inventory"
Dependencies: "ocs_inventory_ng_detect.nasl"
Copyright: This script is Copyright © 2010-2011 Tenable Network Security, Inc.