[VIM] ASP Survey - confusion and provenance
Steven M. Christey
coley at linus.mitre.org
Thu Feb 9 12:16:48 EST 2006

On Thu, 9 Feb 2006, security curmudgeon wrote:

> SQL injection vulnerability in Login_Validate.asp in ASPSurvey 1.10 allows
> remote attackers to execute arbitrary SQL commands via the Password
> parameter. NOTE: the provenance of this information is unknown; the
> details are obtained solely from third party information.
>
> So we have Login_Validate.asp via unknown sources, and login.asp from this
> bugtraq post?

Just yesterday, a CVE analyst was analyzing references to add to this.
He looked at HTML source of the demo site and saw that login.asp called
Login_Validate.asp, so I modified the description accordingly; see below.

Reference: BUGTRAQ:20060204 sql injection in ASP Survey

SQL injection vulnerability in Login_Validate.asp in ASPSurvey 1.10
allows remote attackers to execute arbitrary SQL commands via the
Password parameter to login.asp.

ACCURACY: Through html source verification [Heinbockel], the login.asp
page forms use the Login_Validate.asp script.