lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <004301c26426$c845fd00$856816d5@netropolis>
From: pedro.inacio at netropolis.pt (Pedro Inacio)
Subject: PHP-Nuke x.x SQL Injection

Hello,

All PHP-Nuke versions, including the just released 6.0, are vulnerable to a
very simple SQL injection that may lead to a basic DoS attack.

For instance, if you create a short script, to send a few requests, (I have
tested with just 6) similar to this:

http://www.nukesite.com/modules.php?name=News&file=article&sid=1234%20or%201
=1

after a real short time the load of the machine is so high that it will
become inacessible.
When the script is stopped, the server will take a few minutes to recover
from the load and become acessible again.

Well, the number of requests depends on your MySQL parameters and hardware,
but in general all the tested php-nuke sites where vulnerable and become
inacessible.

If you are running PHP-Nuke, I suggest the creation of some filters to avoid
this kind of attack.
Other things can be made, but I will not talk about them now. I will wait
until Francisco fix them.

Francisco was noticed a month ago, but the problems persist.

Cheers,

Pedro Inacio




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ