Info

Disclosure

Sep 15, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Jelsoft Enterprises Limited vBulletin contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the x_invoice_num parameter in the subscriptions/authorize.php script is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Classification

Location: Remote/Network Access Required
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Unavailable
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Jelsoft Enterprises Limited has released a patch to address this vulnerability.

Products

Jelsoft Enterprises Limited

vBulletin

3.0.3

References

Bugtraq ID: 11193
Secunia Advisory ID: 12531
ISS X-Force ID: 17365
CVE ID: 2004-2695 (see also: NVD)
Other Advisory URL: http://www.securiteam.com/unixfocus/5BP0E15E0M.html
Vendor Specific News/Changelog Entry: http://www.vbulletin.com/forum/bugs.php?do=view&bugid=3379
http://www.vbulletin.com/forum/showthread.php?t=124876
Vendor Specific Advisory URL: http://www.vbulletin.com/forum/showthread.php?p=734250#post734250

Credit

al3ndaleeb - al3ndaleebuk2.net -

Direct URL: http://osvdb.org/36218