[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gnuheter-dev] (fwd) PHP-Nuke x.x SQL Injection
|
From: |
Patrik Wallstrom |
|
Subject: |
[Gnuheter-dev] (fwd) PHP-Nuke x.x SQL Injection |
|
Date: |
Wed, 25 Sep 2002 22:04:10 +0200 |
|
User-agent: |
Mutt/1.4i |
Ulf, Bugtraq-hjälten, vad är status på detta i Gnuheter-koden?
----- Forwarded message from Pedro Inacio <address@hidden> -----
From: Pedro Inacio <address@hidden>
Date: 25 Sep 2002 17:25:46 -0000
To: address@hidden
Subject: PHP-Nuke x.x SQL Injection
Hello,
All PHP-Nuke versions, including the just released 6.0, are vulnerable to a
very simple SQL injection that may lead to a basic DoS attack.
For instance, if you create a short script, to send a few requests, (I have
tested with just 6) similar to this:
http://www.nukesite.com/modules.php?name=News&file=article&sid=1234%20or%
201=1
after a real short time the load of the machine is so high that it will
become inacessible.
When the script is stopped, the server will take a few minutes to recover
from the load and become acessible again.
Well, the number of requests depends on your MySQL parameters and hardware,
but in general all the tested php-nuke sites where vulnerable and become
inacessible.
If you are running PHP-Nuke, I suggest the creation of some filters to
avoid
this kind of attack.
Other things can be made, but I will not talk about them now. I will wait
until Francisco fix them.
Francisco was noticed a month ago, but the problems persist.
Maybe he is busy reading the new revision of the "Building Secure Web
Applications and Web Services" OWASP document. :]
Cheers,
Pedro Inacio
----- End forwarded message -----
--
patrik_wallstrom->foodfight->address@hidden>+46-733173956
- [Gnuheter-dev] (fwd) PHP-Nuke x.x SQL Injection,
Patrik Wallstrom <=