01.24.06


SQL Injection Vulnerability

By John Stith

A vulnerability was discovered in ADOdb that can be exploited in SQL injection attacks. It affects only PostgreSQL users. Andy Staudacher discovered the vulnerability, and Secunia rated the issue as moderately critical on Tuesday.

The vulnerability is present in versions prior to the current 4.71, so all earlier versions should be patched by upgrading. The original release notes were posted at Sourceforge.net:

Recommended that all postgresql users upgrade to this version.
Fixes important postgresql security issues related
to binary strings. Thx to Andy Staudacher.

Also several DSN bugs fixed, including one introduced in 4.70
that corrupts underscores in the DSN, and in PHP5 DSNs did
not work. Added support for PDO DSN connections.


And the changes include:

DSN bugs found:


1. Fix bugs in DSN connections introduced in 4.70 when
underscores are found in the DSN.

2. DSN with _ did not work properly in PHP5 (fine in PHP4). Fixed.

3. Added support for PDO DSN connections in
NewADOConnection(), and database parameter in PDO::Connect().

Other bugs:

The oci8 datetime flag was not correctly implemented in ADORecordSet_array. Fixed.

Added BlobDelete() to postgres, as a counterpoint to UpdateBlobFile().

Fixed GetInsertSQL() to support oci8po.

Fixed qstr() issue with postgresql with \0 in strings.

Fixed some datadict driver loading issues in _adodb_getdriver().


Added register shutdown function session_write_close in adodb-session.inc.php for PHP 5 compat.


This is in addition to other SQL injection vulnerabilities reported recently. On Monday, an injection vulnerability was found in Zoph; it was rated as moderately critical, and a vendor patch corrected the problem.

Secunia also discovered another SQL injection vulnerability in e-moBLOG. Exploitation requires that "magic_quotes_gpc" be disabled on the server. The vulnerability was confirmed in version 1.3, but other versions may also be affected.

Input passed to the "monthy" parameter in index.php and the "login" parameter in admin/index.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
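The pattern described above, as an added example that is not code from the article, e-moBLOG or ADOdb: a query built by string concatenation for a request parameter like "monthy", which is only protected when magic_quotes_gpc happens to be on, beside a prepared-statement version that keeps the value out of the SQL text entirely (the same separation that bound parameters give a PostgreSQL driver instead of relying on an application-level quoting function such as qstr()). The in-memory SQLite table, its rows and the sample input are constructed for this example so it runs offline.

```php
<?php
// Added example (not from the article or the projects it mentions).
// Constructed schema: a tiny blog table with a "monthy" column.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, monthy TEXT, published INTEGER)");
$db->exec("INSERT INTO posts (title, monthy, published) VALUES ('Jan post', '2006-01', 1), ('Draft', '2006-02', 0)");

// Vulnerable pattern: the request value is pasted into the SQL string.
// With magic_quotes_gpc disabled, nothing escapes the quote characters,
// so the value can change the structure of the WHERE clause.
function list_posts_unsafe(PDO $db, $monthy)
{
    $sql = "SELECT title FROM posts WHERE published = 1 AND monthy = '$monthy'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened pattern: a prepared statement binds the value as data.
// It is never parsed as SQL, whatever quotes or backslashes it contains,
// and the result does not depend on the magic_quotes_gpc setting.
function list_posts_safe(PDO $db, $monthy)
{
    $stmt = $db->prepare("SELECT title FROM posts WHERE published = 1 AND monthy = ?");
    $stmt->execute(array($monthy));
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed input of the kind a missing sanitisation step lets through.
$input = "x' OR '1'='1";

// Unsafe: the clause becomes ... AND monthy = 'x' OR '1'='1', which is
// true for every row, so the unpublished draft leaks as well.
print_r(list_posts_unsafe($db, $input));

// Safe: no post has that literal value, so the result is empty.
print_r(list_posts_safe($db, $input));
```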

That so many of these vulnerabilities surfaced close together suggests these products need more careful review of how they build SQL queries. While the three are not exactly the same, each was an SQL injection vulnerability. In any event, keeping installations updated will help eliminate such problems.


About the Author:
John Stith is a staff writer for WebProNews covering technology and business.

About SQLproNews
SQLproNews is a collection of up to date tutorials and insightful articles designed to help SQL users of any skill level implement successful SQL systems and practices.


-- SQLProNews is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2006 iEntry, Inc. All Rights Reserved