Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2117 |
Message | WEB-IIS Battleaxe Forum login.asp access |
Summary | This event is generated when an attempt is made to access the file myaccount/login.asp in the BTTLXE Forum application from Battleaxe Software. |
Impact | Possible theft of data and control of the targeted application leading to a compromise of all resources on the machine not limited to user accounts and business data. |
Detailed Information | The BTTLXE Forum is a web application used for web-based discussion forums. A vulnerability exists such that an attacker may gain control of the application via an SQL injection technique. One such scenario allows an attacker to access the system by supplying a specific password without a username in the login page. Affected Systems: All versions of BTTLXE Forum software. |
Affected Systems | |
Attack Scenarios | The attacker may login to the Forum with the password 'or''=' |
Ease of Attack | Simple. |
Corrective Action | Refer to the vendor notification and fix information at http://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812 |
Additional References | CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0215 Bugtraq: http://www.securityfocus.com/bid/7416 Vendor: http://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812 |
Rule References | bugtraq: 7416 cve: 2003-0215 nessus: 11548 |
--
DID:559031
--
http://www.aanval.com/