Info

Disclosure

Apr 05, 2005

Discovery

Unknown

Dates

Exploit

Apr 05, 2005

Solution

Unknown

Description

Active Auction House contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the 'catid', 'SortDir' and 'Sortby' variables in the default.asp script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Public
OSVDB: Web Related

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

ActiveWebSoftwares.com

Active Auction House

3.6

References

Security Tracker: 1013649
Bugtraq ID: 13032
Secunia Advisory ID: 14839
Related OSVDB ID: 15282 15283 15284 15285 15286 15287
ISS X-Force ID: 19977
CVE ID: 2005-1029 (see also: NVD)
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0079.html
http://marc.theaimsgroup.com/?l=bugtraq&m=111280834000432&w=2
Other Advisory URL: http://digitalparadox.org/advisories/aass.txt
Vendor URL: http://www.activewebsoftwares.com/

Credit

Diabolic Crab - dcrabhackerscenter.com - Personal Page

Direct URL: http://osvdb.org/15281