Short Name |
HTTP:SQL:INJ:BTTLXEFORUM |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
BattleAxe Forum SQL Injection |
Release Date |
2005/03/24 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the BattleAxe Forum software. Without authentication, malicious users can encode SQL comment characters within a malformed login, enabling them to inject SQL into the forum database. For example, new administrator accounts, posts from other accounts, or other malformed data that could corrupt the forum database structure.
bttlxe Forum is a web-based discussion forum implemented in ASP. An SQL injection vulnerability has been reported to affect the 'login.asp' page of bttlxe Forum. The condition is reportedly due to insufficient sanitization of externally supplied data that is used to construct SQL queries. This data may be supplied via the 'password' field during the authentication process. The consequences may vary depending on the particular database implementation and the nature of the specific queries. One scenario reported was bypassing the bttlxe forum authentication system, however other attacks may also be possible.