punBB < 1.2.2 Multiple SQL Injection and Authentication Bypass Vulnerabilities

Nessus Network Monitor Plugin ID 2651 (High)

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is running punBB, a web-based bulletin board that works in conjunction with a SQL database. This version of punBB is vulnerable to several SQL injection flaws as well as an authentication bypass flaw. Exploiting these flaws requires only the ability to send HTTP traffic to the web server. A successful SQL injection attack would give the attacker the ability to execute commands on the SQL server, view data, and modify data. A successful authentication bypass attack would give the attacker the ability to perform administrative tasks on the web server.

Solution

Upgrade to version 1.2.2 or higher.

Plugin Details

Severity: High

ID: 2651

Family: CGI

Published: 2/25/2005

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:punbb:punbb

Reference Information

CVE: CVE-2005-0569, CVE-2005-0570, CVE-2005-0571

BID: 12652