 |
|
 |
|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 393 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
Protector System Multiple Vulnerabilities |
|
 manunkind1 writes "Janek Vind has reported some vulnerabilities in Protector System, allowing
malicious people to conduct Cross Site Scripting, SQL injection and bypass the
protection filters.
1) If error messages hasn't been turned off in PHP,
the "blocker_query.php" script will return error messages if an invalid value is
supplied to the "portNum" parameter. This can be exploited to reveal the
installation path.
2) Input passed to the "target" and "portNum"
parameters in the "blocker_query.php" script isn't properly verified before it
is returned to the user. This can be exploited to execute arbitrary HTML or
script code in a user's browser session in context of an affected site by
tricking the user into visiting a malicious website or follow a specially
crafted link.
3) Input passed in GET queries to PHP-Nuke isn't properly
verified before it is used in an SQL insert query. This can be exploited by
malicious people to manipulate SQL queries by injecting arbitrary SQL
code.
4) It is possible to bypass the SQL injection filter system, by
altering the injected SQL query using comments "/**/" in the command.
The vulnerabilities have been reported in version 1.15b1. Prior versions may
also be affected.
Solution:
Use another
product.
Provided and/or discovered by:
Janek Vind "waraxe"
http://secunia.com/advisories/11478/
Admin Note: How about improving it?"
|
|
Posted on Tuesday, April 27 @ 19:01:30 CEST by Zhen-Xjell |
|
|
|
|
| |
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: Protector System Multiple Vulnerabilities (Score: 1)
by chatserv on Tuesday, April 27 @ 19:54:22 CEST
(User Info | Send a Message) http://nukeresources.com | | Mr. waraxe only seems to offer suggestions like "Use another product.", not very helpful unless you are part of another CMS' dev team in which case you would benefit from people following said advice. Flaw reports are a valuable tool in themselves but the average vulnerability reporter often provides a workaround for his found flaws. While the report can help the author correct such errors what about popular scripts like MyeGallery whose author no longer updates the version for Nuke, if you point out vulnerabilities but don't provide possible solutions for the problem you leave the average user that has minimum to no experience in coding out in the open. |
Re: Protector System Multiple Vulnerabilities (Score: 1)
by Xeon on Wednesday, April 28 @ 04:22:53 CEST
(User Info | Send a Message) http://www.credit-repair-combat.com/ | I also found this problem on my sites and have been asking these very questions. In fact I wouldn't be surprised if those that dug a little deeper into this issue started digger deeper after seeing the posts I made, not only here on NC but also on the PS & other sites. I reported what I was seeing in my logs over a week to 2 weeks ago concerning these very same areas of concern. I'm not sure what the solution is but it's clear I'll have to remove PS from my sites until a cure is found.
I wish I had more knowledge in how to develop a fix but I too do not possess the capability to do so myself so hopefully one will be created soon as I'd hate to loose this great tool. It's definately one of the best I've seen or used for PHP-Nuke, up until now.
I also agree with chatserv, it's not enough to point out the flaws and would argue that in cases like this it would be better if it wasn't published to the world until a fix is found and implemented. |
]
| | | | |
Re: Protector System Multiple Vulnerabilities (Score: 1)
by MisterWORK on Wednesday, April 28 @ 00:37:51 CEST
(User Info | Send a Message) http://protector.warcenter.se | http://www.securityfocus.com/bid/10206/solution/
I fixed this a day ago. =O) And released it yesterday. But working togheter is good =) |
| | | | | |
|
