HTTP: BattleAxe Forum SQL Injection
This signature detects attempts to exploit a known vulnerability in the BattleAxe Forum software. Without authentication, malicious users can encode SQL comment characters within a malformed login, enabling them to inject SQL into the forum database. For example, new administrator accounts, posts from other accounts, or other malformed data that could corrupt the forum database structure.
Extended Description
bttlxe Forum is a web-based discussion forum implemented in ASP. An SQL injection vulnerability has been reported to affect the 'login.asp' page of bttlxe Forum. The condition is reportedly due to insufficient sanitization of externally supplied data that is used to construct SQL queries. This data may be supplied via the 'password' field during the authentication process. The consequences may vary depending on the particular database implementation and the nature of the specific queries. One scenario reported was bypassing the bttlxe forum authentication system, however other attacks may also be possible.
Affected Products
Battleaxe_software bttlxe_forum
Short Name
HTTP:SQL:INJ:BTTLXEFORUM
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
BattleAxe CVE-2003-0215 Forum Injection SQL bid:7416
Release Date
03/24/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Battleaxe_software
CVSS Score
7.5