lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAFWG0-jBka7d_=z0JHid9zz7FSQ2zD-M10P-dLFtBfz9kwDT6A@mail.gmail.com>
Date: Sun, 24 May 2015 18:11:38 +0800
From: Jing Wang <justqdjing@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Gcon Tech Solutions v1.0 SQL Injection Web Security
	Vulnerabilities

*Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities*


Exploit Title: Gcon Tech Solutions v1.0 content.php? &id Parameter SQL
Injection Security Vulnerabilities
Product: Gcon Tech Solutions
Vendor: Gcon Tech Solutions
Vulnerable Versions: v1.0
Tested Version: v1.0
Advisory Publication: May 24, 2015
Latest Update: May 24, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an
SQL Command ('SQL Injection') [CWE-89]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) (legend)
Impact Subscore: 6.4
Exploitability Subscore: 10.0
Writer and Reporter: Wang Jing [School of Physical and Mathematical
Sciences (SPMS), Nanyang Technological University (NTU), Singapore]
(@justqdjing)




*Recommendation Details:*


*(1) Vendor & Product Description:*


*Vendor:*
Gcon Tech Solutions



*Product & Vulnerable Versions:*
Gcon Tech Solutions
v1.0



*Vendor URL & Download:*
Gcon Tech Solutions can be obtained from here,
http://www.gconts.com/Development.htm



*Google Dork:*
"Developed and maintained by Gcon Tech Solutions"



*Product Introduction Overview:*
"Over the years we have developed business domain knowledge various
business areas. We provide Development Services either on time and material
or turn-key fixed prices basis, depending on the nature of the project.
Application Development Services offered by Gcon Tech Solutions help
streamline business processes, systems and information. Gcon Tech Solutions
has a well-defined and mature application development process, which
comprises the complete System Development Life Cycle (SDLC) from defining
the technology strategy formulation to deploying, production operations and
support. We fulfill our client's requirement firstly from our existing
database of highly skilled professionals or by recruiting the finest
candidates locally. We analyze your business requirements and taking into
account any constraints and preferred development tools, prepare a fixed
price quote. This offers our customers a guaranteed price who have a single
point contact for easy administration. We adopt Rapid Application
Development technique where possible for a speedy delivery of the
Solutions. Salient Features of Gcon Tech Solutions Application Development
Services: (a) Flexible and Customizable. (b) Industry driven best
practices. (c) Knowledgebase and reusable components repository. (d) Ensure
process integration with customers at project initiation"




*(2) Vulnerability Details:*
Gcon Tech Solutions web application has a computer cyber security bug
problem. It can be exploited by SQL Injection attacks. This may allow an
attacker to inject or manipulate SQL queries in the back-end database,
allowing for the manipulation or disclosure of arbitrary data.

Several other similar products 0-day vulnerabilities have been found by
some other bug hunter researchers before. Gcon Tech Solutions has patched
some of them. CXSECurity is a huge collection of information on data
communications safety. Its main objective is to inform about errors in
various applications. It also publishes suggestions, advisories, solutions
details related to SQL Injection vulnerabilities and cyber intelligence
recommendations.


*(2.1)* The first programming code flaw occurs at "content.php?" page with
"&id" parameter.






*References:*
http://www.tetraph.com/security/sql-injection-vulnerability/gcon-tech-solutions-v1-0-sql/
http://securityrelated.blogspot.com/2015/05/gcon-tech-solutions-v10-sql.html
http://www.diebiyi.com/articles/security/gcon-tech-solutions-v1-0-sql/
https://itswift.wordpress.com/2015/05/23/gcon-tech-solutions-v1-0-sql/
http://whitehatpost.blog.163.com/blog/static/242232054201542455422939/
https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01766.html
http://cxsecurity.com/issue/WLB-2015040036
http://seclists.org/fulldisclosure/2015/May/32
http://lists.openwall.net/full-disclosure/2015/05/08/8
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1955





--
Jing Wang,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ