Summary
The remote host is using Snitz Forum 2000
This version allow an attacker to execute stored procedures and non-interactive operating system commands on the system.
The problem stems from the fact that the 'Email' variable in the register.asp module fails to properly validate and strip out malicious SQL data.
An attacker, exploiting this flaw, would need network access to the webserver. A successful attack would allow the remote attacker the ability to potentially execute arbitrary system commands through common SQL stored procedures such as xp_cmdshell.
Solution
Upgrade to version 3.4.03 or higher
Severity
Classification
-
CVE CVE-2003-0286 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Alcatel-Lucent OmniPCX Enterprise Remote Command Execution Vulnerability
- Apache Tomcat Windows Installer Privilege Escalation Vulnerability
- Apache Struts2 Redirection and Security Bypass Vulnerabilities
- AWStats Totals 'sort' Parameter Remote Command Execution Vulnerabilities
- Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability