Netsweeper 安全漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1122946 漏洞类型 SQL注入
发布时间 2015-08-21 更新时间 2020-02-21
CVE编号 CVE-2014-9613 CNNVD-ID CNNVD-202002-970
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/37926
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202002-970
|漏洞详情
Netsweeper是加拿大Netsweeper公司的一套Web内容过滤解决方案。 Netsweeper 2.6.29.10之前版本中存在SQL注入漏洞,该漏洞源于基于数据库的应用缺少对外部输入SQL语句的验证。攻击者可利用该漏洞执行非法SQL命令。
|漏洞EXP
+-------------------------------------+
+ Netsweeper 2.6.29.8 - SQL Injection +
+-------------------------------------+
Affected Product: Netsweeper
Vendor Homepage	: www.netsweeper.com
Version 	: 2.6.29.8 (and probably other versions)
Discovered by	: Anastasios Monachos (secuid0) - [anastasiosm (at) gmail (dot) com]
Patched      	: Yes
CVE		: CVE-2014-9613

+---------------------+
+ Product Description +
+---------------------+
Netsweeper is a software solution specialized in content filtering.

+----------------------+
+ Exploitation Details +
+----------------------+
Two specific parameters in two pages of Netsweeper Content Filtering solution v2.6.29.8 (and probable earlier versions) are vulnerable to SQL injection.
Condition: The exploitation can be performed by any non-authenticated user with access to the vulnerable pages (usually from everyone).

Vulnerability Type: SQL Injection [SQLi-I]
Vulnerable Page I: http://netsweeper/webadmin/auth/verification.php
Vulnerable POST Parameter: login

Vulnerability Type: SQL Injection [SQLi-II]
Vulnerable Page II: http://netsweeper/webadmin/deny/index.php
Vulnerable POST Parameter: dpid

+----------+
+ Solution +
+----------+
Upgrade to latest version.

+---------------------+
+ Disclosure Timeline +
+---------------------+
12-Jan-2011: Netsweeper fixed issue on 2.6.29.10
17-Jan-2015: CVE assigned CVE-2014-9613
11-Aug-2015: Public disclosure
|参考资料

来源:MISC

链接:https://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html


来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2014-9613