Kwok Information Server Blind Sql Injection

2013-09-13 / 2013-10-20
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89


CVSS Base Score: 6.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8/10
Exploit range: Remote
Attack complexity: Low
Authentication: Single time
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

##=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+##
||                                                                  ||
|| Advisory : Kwok Information Server Blind Sql Injection           ||
|| Affected Version : 2.7.3 & 2.8.4                                 ||
|| Vendor : http://www.kwoksys.com/index.php                        ||
|| Risk : Medium                                                    ||
|| CVE-ID : 2013-5028                                               ||
|| Tested on Platform : Windows 7                                   ||
##=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+##

============
Product Description:

Kwok Information Server is an open source IT management system, providing a single application for managing IT assets, software licenses, contracts, issues, contacts. Additional modules include portal, RSS, blogging. (from product home page)

============
Vulnerability Description:

A Blind SQL Injection vulnerability has been detected in Kwok Information Server. Application failed to sanitize user supplied input in parameters "hardwareType", "hardwareStatus" and "hardwareLocation" of page hardware-index. User must be authenticated to exploit this vulnerability. This vulnerability was tested with Kwok Information Server 2.7.3 and 2.8.4. Other versions may also be affected.

=============
Impact:

Successful exploitation of this vulnerability will allow a remote authenticated attacker to extract sensitive and confidential data from the database.

=============
Proof of Concept:

1] Url: http://10.10.75.59:8080/kwok/IT/hardware-list.dll?cmd=search&hardwareType=49[Inject Payload Here]
2] Url: http://10.10.75.59:8080/kwok/IT/hardware-list.dll?cmd=search&hardwareStatus=0[Inject Payload Here]
3] Url: http://10.10.75.59:8080/kwok/IT/hardware-list.dll?cmd=search&hardwareLocation=0[Inject Payload Here]

=============
Solution:

This vulnerability has been fixed in version 2.8.5 of Kwok Information Server.

=============
Disclosure Timeline:

~Vendor notification: 31st July
~Vendor response: 31st July
~Vendor released updates: 7th August
~Public disclosure: 12th September

===========================================================================================================
Advisory discovered by: Yogesh Phadtare
Secur-I Research Group
http://securview.com/
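
Added example (not part of the original advisory and not Kwok's own code): a log check for installations that ran 2.7.3 or 2.8.4 before upgrading. It flags requests to hardware-list.dll where any of the three named parameters carries something other than a plain integer. That legitimate values are integer IDs is an assumption drawn from the sample URLs above (49, 0, 0); the combined log format and the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters named in the advisory as injectable.
WATCHED = {"hardwareType", "hardwareStatus", "hardwareLocation"}
# Assumption: legitimate values are plain non-negative integer IDs,
# as in the advisory's sample URLs (49, 0, 0).
INT_ID = re.compile(r"\d{1,10}")
# Request line inside a combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def suspicious_params(log_line):
    """Return [(param, decoded_value)] for watched params that are not integers."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.endswith("/IT/hardware-list.dll"):
        return []
    hits = []
    # parse_qsl percent-decodes, so encoded values are checked in decoded form.
    # Blank values are dropped by default and therefore not flagged.
    for name, value in parse_qsl(url.query):
        if name in WATCHED and not INT_ID.fullmatch(value):
            hits.append((name, value))
    return hits

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '10.0.0.5 - alice [13/Sep/2013:10:00:01 +0000] "GET /kwok/IT/hardware-list.dll?cmd=search&hardwareType=49 HTTP/1.1" 200 5120',
    '10.0.0.9 - bob [13/Sep/2013:10:02:17 +0000] "GET /kwok/IT/hardware-list.dll?cmd=search&hardwareStatus=0%20AND%201%3D1 HTTP/1.1" 200 5120',
    '10.0.0.9 - bob [13/Sep/2013:10:02:19 +0000] "GET /kwok/IT/hardware-list.dll?cmd=search&hardwareLocation=0%27 HTTP/1.1" 500 312',
    '10.0.0.5 - alice [13/Sep/2013:10:03:40 +0000] "GET /kwok/other-page?hardwareType=x HTTP/1.1" 200 900',
]

def scan(lines):
    """Return [(line_number, hits)] for every line with a suspicious value."""
    return [(n, h) for n, line in enumerate(lines, 1) if (h := suspicious_params(line))]

if __name__ == "__main__":
    for n, hits in scan(SAMPLE_LOG):
        print(n, hits)
```

Because exploitation requires an authenticated session, the user field of each flagged line identifies the account to review.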

References:

http://www.kwoksys.com/index.php

