DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL injection protection mechanisms via the login variable and certain other variables, by using lowercase union select or possibly other statements that do not match the uppercase UNION SELECT.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Deluxebb | Deluxebb | 1.05 (including) | 1.05 (including) |
| Deluxebb | Deluxebb | 1.06 (including) | 1.06 (including) |
| Deluxebb | Deluxebb | 1.07 (including) | 1.07 (including) |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html
- http://secunia.com/advisories/21116
- http://securityreason.com/securityalert/1254
- http://www.securityfocus.com/archive/1/440435/100/0/threaded
- http://www.securityfocus.com/bid/19052
- http://www.vupen.com/english/advisories/2006/2879
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html
- http://secunia.com/advisories/21116
- http://securityreason.com/securityalert/1254
- http://www.securityfocus.com/archive/1/440435/100/0/threaded
- http://www.securityfocus.com/bid/19052
- http://www.vupen.com/english/advisories/2006/2879