Hi Miroslav,

Thanks for taking a look. I looked deeper, to where the start variable is
actually used and I couldn't see any vulnerability....

Thanks,
A.


________________________________
From: Miroslav Stampar <miroslav.stam...@gmail.com>
To: Adi Mutu <adi_mut...@yahoo.com>
Cc: "sqlmap-users@lists.sourceforge.net" <sqlmap-users@lists.sourceforge.net>
Sent: Thursday, September 29, 2011 12:51 AM
Subject: Re: [sqlmap-users] is this really exploitable?

hi Adi.

you are basically right from my point of view.

just went through source code for v1.1.12 which should be vulnerable:
http://mirror.ord.simplemachines.org/downloads/smf_1-1-12_install.zip

and the official patch mentioned in that report:
http://custom.simplemachines.org/mods/downloads/smf_patch_2.0-RC4_security.zip

they've put some extra ("just in case") filtering, but from that
patch, source code of the "should be vulnerable version" and the info
from report ("...related to the cleanRequest function in
QueryString.php and the constructPageIndex function in Subs.php...")
there is nothing SQLi vulnerable related there.

these are just my observations related to the report. won't go into
detailed review of the whole code as it's tl;dr :)

kind regards,
Miroslav Stampar

On Wed, Sep 28, 2011 at 8:13 PM, Adi Mutu <adi_mut...@yahoo.com> wrote:
> Hello,
> probably this is not the type of questions you get, but I was just curious
> if anybody has encountered this before:
> http://www.cvedetails.com/cve/CVE-2011-1130/
>
> it's supposed to be an SQL injection in SMF 1.1.13 and below.....I'm looking
> at the source code of the forum and I don't see this as being exploitable.
> Anybody ever exploited this?
> Thanks,
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2dcopy1
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>



-- 
Miroslav Stampar
http://about.me/stamparm